Vista SP1 To Enhance Security, Block Piracy

• By Jabulani Leffall
• 12/04/07

Responding to feedback from customers and channel partners, Microsoft said today that the first service pack for Windows Vista will fight off known exploits as well as kill off its "reduced functionality mode," a feature that locks out what the system perceives to be unlicensed users.

In a press release, Redmond said it's making "changes in how it differentiates user experiences for genuine and counterfeit systems with updates that target and disable two types of known exploits to the Windows Vista activation process."

Microsoft executive Michael Sievert cited the "OEM BIOS" exploit and the so-called "Grace Timer" exploit as the two main setup bugs enabling piracy.

"OEM BIOS" modifies system files and mimics OS activation mechanisms such as those performed on pre-installed copies of Windows.

The "Grace Timer" exploit, true to its name, resets the "grace time" limit between installation and activation, allowing a user to run Vista freely and indefinitely without a formal license.

Sievert warned that the exploits involve "extreme alterations to key system components and can seriously affect system stability."

"We know that Windows Vista is a lot harder to counterfeit than Windows XP, but we also know that pirates will keep trying," Sievert said.

Microsoft said it had pursued legal action against more than 1,000 dealers of counterfeit Microsoft products in the last year and taken down more than 50,000 "illegal and improper" online software auctions.

They will have less success, however, with the impending demise of the "reduced functionality mode." Since Vista was launched, there have been isolated complaints of users claiming to be kicked out of the OS despite having a legally purchased copy of Windows.

"The approach they're taking with [SP1] seems to be a lot more reasonable," said Michael Cherry, an analyst with Redmond-based Directions on Microsoft, an independent research company. "You don't want to alienate people who bought your product in good faith. There have been cases where past anti-piracy moves have caused severe loss of access."

To remedy such problems, "Users whose systems are identified as counterfeit will be presented with clear and recurring notices about the status of their system and how to get genuine copies," Sievert stated in the release.

Cherry allowed that the proposed changes for the upcoming Vista SP1 release are a step in the right direction, even if they result in a new series of largely unwanted pop-ups for users.

"You'll continue to get nagged, but at least you can get your work done," Cherry said. "You see it all the time and you say to yourself, 'No, I don't want a tour of Windows,' 'Yes, I know my Automatic Updates isn't on,' 'Oh great, my license is authentic,' 'Good, now maybe I can finish doing my job.'"