14 DAY TRIAL // Microsoft will validate as genuine all copies of Windows Vista and Windows XP that pass through the Windows Genuine Advantage in scenarios in which the WGA servers are down, the Redmond company informed. In such cases, even pirated copies of Windows Vista and Windows XP will not be flagged as non-genuine, permitting users access to the same software downloads from the company as the actual genuine versions of the Windows operating system would provide.
"Our system is designed to default to genuine if the service is disrupted or unavailable. In other words, we designed WGA to give the benefit of the doubt to our customers. If our servers are down, your system will pass validation every time. This event was not the same as an outage because in this case the trusted source of validations itself responded incorrectly," revealed Alex Kochis, Senior Product Manager for Windows Genuine Advantage.
However, although Microsoft has set up its anti-piracy mechanism in order to compensate for a potential server outage, the company failed to do the same for human errors. On Friday and Saturday of the past week, in excess of 12,000 copies of genuine Windows Vista and Windows XP processed by the WGA were erroneously flagged as pirated. Kochis revealed that the issue was not connected to a server outage as initially believed but was instead generated by a human error which impacted both the Activation and the Windows genuine Advantage processes.
"Two key things happened. First, activations and validations were both affected when preproduction code was accidentally sent to production servers. Second, while the issue affecting activations was fixed in less than thirty minutes (by rolling back the changes) the effect of the preproduction code on our validation service continued after the rollback took place," Kochis explained. "Nothing more than human error started it all. Pre-production code was sent to production servers. The production servers had not yet been upgraded with a recent change to enable stronger encryption/decryption of product keys during the activation and validation processes. The result of this is that the production servers declined activation and validation requests that should have passed."
Microsoft also added that the response implemented to resolve the erroneous behavior of Activation and WGA could not be accurately analyzed because of the lack of monitoring capabilities. This permitted the WGA failures to continue for almost 24 hours.
"We have implemented several changes to address the specific issues that took place over the weekend - for example we are improving our monitoring capabilities to alert us much sooner should anything like this happen again. We're also working through a list of additional changes such as increasing the speed of escalations and adding checkpoints before changes can be made to production servers," Kochis added.