Security Flaw Allows Hackers to Get Windows 8 for Free

An activation flaw in Windows 8 allows anyone to get a free legitimate copy of the OS

By on November 21st, 2012 07:07 GMT

A security glitch discovered in Microsoft’s new Windows 8 operating system allows hackers to get a legitimate copy of the software for free.

The whole trick is based on Microsoft’s promotion for the Windows Media Center upgrade that’s available for free until January. Basically, pirates need an upgrade key to convert an illegal copy of the operating system into a genuine one.

WindowsWave writes that those who attempt to take advantage of the flaw install a copy of Windows 8 using absolutely any key. It doesn’t actually matter if it’s a counterfeited version or not, because pirates then apply a KMS (Key Management System) activation for their copy.

The last step involves the Windows Media Center upgrade key we told you about. Microsoft offers them for free until January, so getting a valid key is just a matter of minutes.

Windows Media Center doesn’t check the operating system to determine whether it’s genuine or not, so the previously used pirated key is replaced by the new one, provided by Microsoft.

Microsoft has struggled to make Windows 8 a more secure operating system, so every activation key works on a single copy of the software. The KMS activation, on the other hand, allows consumers to use Windows 8, pirated or not, for up to 180 days.

Reddit user noveleven has posted a comment to explain the way pirates can determine whether their Windows 8 copy has been activated or not. Here’s what he says:

“When you activate Windows via KMS, in the activation window it says “Windows is activated until…” and a date (so if you were to install it today, it would say it’s activated until May). After installing the upgrade, the window just says “Windows was activated on…” and the date of activation. That means the activation is permanent.”

“When you install the upgrade key, that replaces the existing product key; only the new upgrade key is used for future checks. Windows won’t check the key you used to install because it no longer has it,” he continued.

Comments