Microsoft Genuine Advantage Cracked in 24 Hours

← Back to Stories (view on slashdot.org)

Microsoft Genuine Advantage Cracked in 24 Hours

Posted by CmdrTaco on Thursday July 28, 2005 @07:25AM from the only-a-matter-of-time dept.

jrobie writes "It looks like mandatory validation of your Windows XP license is now voluntary again. A simple hack has been found that disables the check. BoingBoing has the story. "

7 of 522 comments (clear)

Min score:

Reason:

Sort:

I can't believe I was actually worried about this. by TripMaster+Monkey · 2005-07-28 07:26 · Score: 4, Informative

A simple hack has been found that disables the check.

It's simple, all right...as simple as the kids over at Microsoft who decided to implement an anti-piracy measure utilizing javascript without any input validation. Sheesh.

--
____
~ |rip/\/\aster /\/\onkey
More then one way by KasKyt · 2005-07-28 07:39 · Score: 5, Informative

This bypass also works http://home19.inet.tele.dk/jys05000/ I tested it earlier today, good job MS :D
Re:WTF by TheViciousOverWind · 2005-07-28 07:41 · Score: 4, Informative

Erh... Think just a tiny bit before you post inane babble like that - The article was called "Microsoft Genuine Advantage[...]" and in the url it says "microsoft_genuine_ad". - See the resemblance? It's just an autogenerated filename their CMS came up with probably.

And now for something completely different (a comment about the article): I'm pretty sure the one who programmed this check knew that it wasn't bulletproof, and maybe it's just a case of a "proof of concept" project which suddenly becomes a "Gone live" project. - It will be pretty easy for them to fix, but it really is a huge embarassment for them, and you would think that a company with that kind of resources had rules to cover things like that (as in Rule #302742314 "Clientside checking is only okay if followed by a Serverside check").

--
My <1000 UID is with a hot chick
Different Way to Crack It... by 00Monkey · 2005-07-28 07:48 · Score: 5, Informative

I found that if you go to Tools->Manage Add-ons (Req. XP SP 2 of course), then select to show "Add-ons that have been used by Internet Explorer" and finally set Windows Genuine Advantage to "Disable" and then Restart Internet Explorer, it lets you do Windows Update just fine.
Re:It works... for now by Ingolfke · 2005-07-28 07:59 · Score: 4, Informative

MS has been saying that to be safe don't run exe's off the net and disable activeX,

Microsoft has been saying don't run unknown EXEs and ActiveX controls. They do sign all of their controls so for those of us who check before we run something we can validate that they're actually from Microsoft or some other trusted party before we run the app/control.
Comment removed by account_deleted · 2005-07-28 10:23 · Score: 4, Informative

Comment removed based on user account deletion
I cracked it nearly 6 months ago ;) by Anonymous Coward · 2005-07-28 11:16 · Score: 5, Informative

"Cracked in 24 hours"? I 'cracked' it so long ago (Proof) I'm surprised that this is even news. And you don't even need javascript enabled - all you need is "WinGenCookie=validation=0;" in your cookie. So just paste this into your location on any microsoft.com page: javascript:document.cookie='WinGenCookie=validatio n=0; expires=01 Jan 2999 00:00:00 GMT'; void 0

I mean, it was just so easy and obvious; I can't believe everyone else hadn't already found out about the easy ways to bypass it long ago.