Joe Williams, general manager of Microsoft’s Genuine Windows group, stated in a Genuine Windows Blog post “In the coming days, we’ll be deploying a new update for Windows Activation Technologies, the set of built-in activation and validation components built into Windows 7.”
Williams goes on to explain “Called Windows Activation Technologies Update for Windows 7, this update will detect more than 70 known and potentially dangerous activation exploits. Activation exploits are sometimes called “hacks”, and attempt to bypass or compromise Windows’ activation technologies. This new update is further evidence of Microsoft’s commitment to keeping customers and partners secure.”
It is understandable that Microsoft would want to thwart piracy of Windows 7. Obviously, Microsoft has a vested interest in ensuring that every copy of Windows 7 is a legally licensed, and more importantly paid for, copy of Windows 7. Piracy doesn’t do much for the bottom line.
The question is whether IT administrators should risk applying it. A user who has a known pirated copy of Windows 7 obviously won’t bother applying the update. Many businesses might believe their software is legitimate, though, but be unwittingly running counterfeit versions of Windows 7.
Applying the update should detect that the Windows activation technologies have been circumvented, and place pirated versions of Windows 7 into an unactivated state. The functionality will not be restricted in any way, but the desktop background will change to black and the operating system will frequently display alerts and pop-ups as a reminder that the operating system is not Genuine Windows.
Then what? From a purely moral or ethical stance, those businesses that find they have been duped into purchasing pirated copies of Windows 7 should discard the counterfeit versions and buy new, legitimate copies of Windows 7 from Microsoft. But, that means paying twice for the same software even though the company had no intent to defraud Microsoft in the first place.
IT administrators have more reason than the ethical dilemma, though, to be concerned about counterfeit copies of Windows 7. Williams clarifies in the blog post “Searching for, downloading, or installing activation exploits or counterfeit software on the Internet is risky, because sites that advertise these pirated products often contain malware, viruses, and Trojans, which are found bundled with or directly built into the activation exploit or counterfeit software. A study by research firm IDC, The Risks of Obtaining and Using Pirated Software, shows that one in four Web sites offering counterfeit software attempted to install unwanted or malicious code upon downloading. And this rate is rising.”
Williams continues “Media Surveillance, an anti-piracy solutions company based in Germany, recently downloaded more than five hundred pirated copies of Windows 7 (and Windows activation exploits) and found that 32% contained malicious code.”
So, essentially, the bargain-priced copies of Windows 7 you acquired from that questionable source online have somewhere between a 25 and 32 percent chance of containing malware and potentially exposing your computer systems and network to further compromise or exploit.
The Windows Activation Technologies Update is signature based and will update its signatures from Microsoft every 90 days and check the operating system again. That part makes no sense at all. If my Windows 7 is legitimate today, how exactly would it become counterfeit 90 days from now?
I support Microsoft’s efforts to prevent software piracy and protect customers from potentially malware-ridden counterfeit copies of Windows 7. I think Microsoft would be doing itself, and its customers a favor, though, if it also offered some sort of amnesty or discounted exchange program for small and medium businesses that have fallen prey to Windows 7 pirates.