Microsoft Releases Vista Update to Fight Monster

The update is designed to prevent a "Frankenbuild" method of pirating the operating system that involves mixing files from different versions of the software so as to bypass the product activation technology.

Microsoft has released an update to Windows Vista that is designed to prevent a type of piracy of the operating system in which files from various test and final versions of the software have been mixed so as to bypass the product activation technology, an approach the company has dubbed the "Frankenbuild" monster.

The Frankenbuild workaround essentially involves cobbling together files from a Vista Release Candidate build with the build that was released to manufacturing in November, to create a hybrid that bypasses activation.

While Vista has only been released to businesses with a volume license, the software is set to be released to consumers on Jan. 30.

But copies of the operating system are already doing the rounds on the Internet, where hackers are trying to bypass its built-in security and product activation technologies.

/zimages/3/28571.gifMicrosoft CEO Steve Ballmer says he believes Vista will spur a wave of innovation. To read more, click here.

The Vista update released by Microsoft the week of Dec. 12 will use the new Windows Update client in Vista to make the "Frankenbuild" systems to go through a genuine validation check.

The update will only affect systems that are running a specific binary-tampered version of Windows Vista, Microsoft said in a statement.

/zimages/3/28571.gifClick here to read more about Microsofts tools for combating Vista piracy.

"These systems will fail that check because we have blocked the Release Candidate [product] keys for systems not authorized to use them. In other words, the wrong key is being used. The systems will then be flagged as non-genuine systems," the company said in a blog posting on the Windows Genuine Advantage site.

When detected, these unauthorized copies will be given a 30-day grace period to activate with a good product key, after which they will be put into a reduced functionality mode, where features like the new Aero user interface and ReadyBoost are no longer available to them, and their use of the operating system is limited to one hour with a default Web browser.

However, users of these tampered systems will still have access to all their data. "I want to be clear here that even though they can only use their browser for an hour at a time, we will never limit their access to their data," the blog posting said.

/zimages/3/28571.gifDoes mandatory Windows validation compromise users security? Click here to read more.

"A user can always boot their PC into what is called Safe Mode. Safe Mode is a mode of using Windows that has limited driver, display and networking support—but allows a user access to all their files," the company said.

But Microsoft also pointed out that the Frankenbuild workaround is far from the only one that the company has seen over the past few weeks. Another workaround involves the use of some virtualization technology and Key Management Services, practices used for activating larger business customers, the blog post said, adding that "pirating Windows Vista will have real consequences and will, in turn, encourage people to check before they buy."

/zimages/3/28571.gifAnalysts have said that the new anti-piracy and validation tools in Vista will discourage corporate uptake of the operating systems in 2007. Click here to read more.

The Redmond, Wash., software maker also warned in a statement that if further illegal workarounds or other examples of counterfeit Windows Vista code were posted to the Internet or became available through other means, "Microsoft may take additional steps to stop the spread and use of counterfeit versions of Windows Vista by releasing updates to the software, and then distributing the updates using various mechanisms, which may include and/or Windows Update."

The company has also released images of what genuine Windows Vista packaging looks like, as well as that of a counterfeit copy Microsoft obtained recently in Brazil.

More information on how to recognize genuine Microsoft software can be found here.

/zimages/3/28571.gifCheck out eWEEK.coms for Microsoft and Windows news, views and analysis.