Microsoft confirms Windows 7 activation leak

Dong Ngo CNET News | July 31, 2009 11:54 AM PDT

Summary

Microsoft confirmed the rumor that an ISO file of Windows 7 RTM sent to Lenovo that contains a master key - a number used to verify the authenticity of the software - was leaked to the Internet.

Topics

Microsoft Corp., Microsoft Windows 7, Microsoft Windows, Operating Systems, Software, Windows 7, activation, leak, Dong Ngo CNET News

Vendor HotSpot

Here to help you with your Document Management Needs

Read the DocuMentor blog now

Learn More »

Alex Kochis, Microsoft's director of Genuine Windows, posted a blog late Thursday addressing the "leak of a special product key" of Windows 7 RTM (release to manufacturers). This confirmed the rumor on Tuesday that an ISO file of Windows 7 RTM sent to Lenovo that contains a master key--a number used to verify the authenticity of the software--was leaked to the Internet.

According to the blog, "The key is for use with Windows 7 Ultimate RTM product that is meant to be preinstalled by the OEM (original equipment manufacturer) on new PCs to be shipped later this year. As such, the use of this key requires having a PC from the manufacturer it was issued to. We've worked with that manufacturer so that customers who purchase genuine copies of Windows 7 from this manufacturer will experience no issues validating their copy of Windows 7. At the same time we will seek to alert customers who are using the leaked key that they are running a non-genuine copy of Windows. It's important to note that no PCs will be sold that will use this key."

Also read: Windows 7 activation ... FAIL!
Special Report: Windows 7 at the finish line

This means the hacked key will still work, though it will likely be identified, presumably when the computer with this version of the hacked Windows 7 OS installed connects to download updates from Microsoft.

Kochis said Windows 7 includes an improved capability to detect activation exploits and it should be able to alert the customer when the leaked version or other hacks are used to install Windows 7 on a PC.

He added, "Our primary goal is to protect users from becoming unknowing victims, because customers who use pirated software are at greater risk of being exposed to malware as well as identity theft. Someone asked me recently--and I think it's worth noting here--whether we treat all exploits equally in responding to new ones we see. Our objective isn't to stop every "mad scientist" that's out there from dabbling; our aim is to protect our customers from commercialized counterfeit software that impacts our customers' confidence in knowing they got what they paid for."

Personally, I don't see what Microsoft can do now that the key and the ISO is out in the wild, other than wait for a system installed with that copy of Windows 7 to connect to its update servers. In the meantime, it can issue another key to OEMs to make sure they don't use they leaked key and hope that consumers will buy its genuine product and, of course, pay the full price for it.

It's safe to say that we probably have to wait for a service pack of the operating system to be sure that this leak is fully addressed. In the meantime, this leaked key could still pose a big problem if the hackers are able to alter the ISO and sell it as counterfeit retailed package of the OS. In this case, customers will only find out that they don't have an genuine copy, if they ever do, when it's too late.
Click on the image to enlarge.

This article was originally posted by CNET News.

Talkback Most Recent of 29 Talkback(s)

Follow via:: RSS; Email Alert

So who's responsible for the leak?

The sender or the sendee?
Michael Kelly
31st Jul 2009
- Reply to
- Flag
RE: Microsoft confirms Windows 7 activation leak

This is one way for Microsoft to get market share back.
AdventTech67
31st Jul 2009
- Reply to
- Flag
Pagan Jim will be happy about this

http://talkback.zdnet.com/5208-10532-0.html?forumID=1&threadID=67344&messageID=1278112

He proudly admits to installing hundreds of copies of XP without buying a single license. Disgusting.
NonZealot
31st Jul 2009
- Reply to
- Flag
That's not possible, don't believe the hype ...

... M$ have a system in place to thwart that kind of thing.

M$ is always forward thinking.

^o^
n0neXn0ne
31st Jul 2009
- Reply to
- Flag
Not with XP

I have a volume license key for XP (legitimate) and no activation is required. They changed that with Vista because of people like Pagan Jim.
NonZealot
31st Jul 2009
- Flag
Still easy ways to activate

On Vista 'illegitimately'. I did that on NUMEROUS
computers that I bought a copy of Vista on
legally, only for it to barf and say "NOT
LEGITIMATE!" after doing an upgrade re-install of
the OS.

One was just a tool that you run as an admin, it
installs, done!
Lerianis10
2nd Aug 2009
- Flag
Although let me ask you point blank...

Do you support people using this leaked key to sell copies of Windows 7 to unsuspecting people? To suspecting people? To install it themselves without paying the for-profit company that paid its employees to write that software?

Note that it is one thing to choose not to buy a product because you feel it is overpriced, it is entirely a different thing to support the use of that product without paying the asking rate. Note that I'm trying not to use the word "steal" or "thief" because I get pounced upon by the semantics police so if I'm using odd terminology, that's why.
NonZealot
31st Jul 2009
- Flag
Although let me answer point blank ...

My answer is no to all the above.

To be 100% safe and sure?

It's like tainted meat. You can never be sure, so don't buy it.

Use Linux w/codeweavers or wine. That way you don't have to overcome Jim's and China's moral defect.

^o^
n0neXn0ne
1st Aug 2009
- Flag
Moral defect?

China has no such defect. If it existed under the same moral ethos as the US then its inaction against software pirates might be a moral issue, but they don't, and therefore it isn't.
alec.wood@...
3rd Aug 2009
- Flag
RE: Microsoft confirms Windows 7 activation leak

Thanks, Microsoft, for confirming what I said in the massive talkback on the original "Activation FAIL" thread.

It doesn't matter how many 'new ways' are engineered into Windows 7 - they all rely on communication back to Microsoft. If people using this copy set it so it never phones home (ie. they turn off Windows Update and get their updates from less reputable sources which also rip out WGA), there's nothing MS can do. They won't even know it's being used.

I agree that steps need to be taken to protect those who may end up with this illegal copy thinking it's genuine.. but, really, common sense should be used. If someone is selling what looks to be a retail boxed copy of Win7 on some street corner vendor cart for a third of the price, it should raise some questions in the potential buyer's mind.
Captiosus
31st Jul 2009
- Reply to
- Flag
Past the time when ALL copies

Should be deemed legitimate. There is no reason
why someone should be told that something is
'illegitimate'.

I know of NO other software that does that save
for OS's from Apple and Microsoft.
Lerianis10
2nd Aug 2009
- Reply to
- Flag
RE: Microsoft confirms Windows 7 activation leak

Another way of pushing the product in market - Give it for free for testing as there may not be many buyers as expected and to pretend its leaked...
Eiao
31st Jul 2009
- Reply to
- Flag
RE: Microsoft confirms Windows 7 activation leak

A leak?? What - with Windows??? Surely not! Ha ha ha ha.

Get wise - give Microsoft a miss
efreedom
1st Aug 2009
- Reply to
- Flag
Actually ONLY a problem for those that DON'T buy a legitimate copy

nt
Patanjali
1st Aug 2009
- Reply to
- Flag
So, there's no downside to those folk..

Who's copies have been hijacked?

Really?
zkiwi
1st Aug 2009
- Reply to
- Flag