Windows Genuine Advantage Explained

Windows Genuine Advantage
Developer:Microsoft
Latest Release Version:1.9.42.0
Operating System:Windows XP to Windows 7
Platform:IA-32, x86-64
Genre:Copy protection, digital rights management
License:Proprietary (same as Windows)

Windows Genuine Advantage (WGA) was an anti-infringement system created by Microsoft used to validate the licences of several Microsoft Windows operating systems upon accessing services such as Windows Update and Microsoft Download Center.

It consisted of two components: an installable component called WGA Notifications that hooks into Winlogon and validates the Windows license upon each logon and an ActiveX control that checks the validity of the Windows license when downloading certain updates from the Microsoft Download Center or Windows Update.

WGA Notifications covered Windows XP and later, with the exception of Windows Server 2003 and Windows XP Professional x64 Edition.

The ActiveX Control checked Windows 2000 Professional licenses as well.[1]

In Windows 7, WGA was renamed Windows Activation Technologies.[2]

Despite its name it does not actually evaluate the integrity or security of any computer.[3]

Features

The WGA validation process validates the present installation of Windows and its license key against the detected computer hardware and determines if the software was licensed from Microsoft. It is accessible by either a stand-alone program, a Netscape-compatible web browser plug-in, or as an ActiveX control within Internet Explorer, the latter of which is relevant to any attempt to access Microsoft updates via its browser. It includes the following steps:

The ActiveX control is downloaded on the first validation and when a new version is available, but the validation itself can be performed any time the user connects to a Microsoft Website to update.

On Windows Vista without service packs, WGA validation failure has a greater impact. In addition to persistent notification and the disabling of non-critical updates, WGA also disables Windows Aero, Windows Defender and Windows ReadyBoost. The user is given a grace period in which to then pass validation, after which most of the operating system is disabled and Windows reverts to reduced functionality mode. This behavior however has been removed in Service Pack 1 of Windows Vista in favor of prominent notices on systems believed unlicensed.

Software

WGA Validation Tool

When a user installs Windows Genuine Advantage, an Internet Explorer add-on is installed labeled "Windows Genuine Advantage".

In early releases the tool could be readily disabled with the IE Add-on Management feature.

A Windows Group Policy was added by later updates, causing this option to be unavailable by default, but still accessible if the policy were removed. As of July 2006, the latest update blocks management by other means.

The program uses either a stand-alone program to generate a key or an ActiveX control to discover whether the license key is valid; either way an Internet connection is required.

On Windows XP, if WGA determines that a user's copy of Windows is unauthorized but was installed from seemingly legitimate media (i.e., the CD/DVD and holographic emblem present on real copies of Windows seems genuine), then Microsoft will supply the user with a new CD/DVD. However, newer versions of Windows will still require the user to purchase a new copy. Microsoft also offers discounts to people who want to purchase a legitimate copy of Windows but do not have a valid CD. Microsoft has indicated that they will continue to deliver critical security updates through their Automatic Updates service as well as via the Microsoft Download Center, so that all systems, including those that fail to pass validation, will still continue to receive critical security updates.

The company has made installation of Windows Genuine Advantage a requirement for use of the Windows Update and Microsoft Update websites, in part to be sure that customers who use support resources of the company are aware when their software is unlicensed. According to Microsoft themselves, it is legal to run Microsoft Windows without Windows Genuine Advantage .

However, since non-critical Windows updates are not presented by Automatic Updates, installation of WGA is required for installation of such non-critical updates, which are only available through Windows Update or the Microsoft Download Center.

WGA Notifications

On April 25, 2006, Microsoft began distributing Windows Genuine Advantage Notifications[4] as "critical update" KB905474 to Windows users. For Windows 7, KB971033 has the same function.[5] Back in 2006, users with copies the WGA believed to be unlicensed were exposed to alerts[6] at startup, login, and during use of the Windows OS, stating that they do not have a genuine copy of Windows. Users with legitimate copies are not supposed to see the alerts (although some do anyway[7]). On May 23, 2006, Microsoft updated the program, closing some forms of circumvention, but reportedly not all.[8] It was updated again on May 30, June 6 and June 27, 2006, though some forms of circumvention are still usable. The latest versions do not roll out worldwide at the same time: the dates given are the earliest dates on which the versions appeared, so the actual version being offered in some places will be an earlier version than the latest release. It is still possible to opt out of receiving this update using the "do not show" option at the Windows Update site (Windows XP), and the "Hide" option in the right-click menu of Windows Update in Control Panel (Windows Vista/7/8). In addition to these notifications, Windows Genuine Advantage will also notify users with the message "This version of Windows XP is no longer secure" if users on an XP Operating System are not using Service Pack 3, and it will provide a link to help users to update their systems to the new service pack.

The version of Windows Genuine Advantage Notifications released November 29, 2006, had a changed install process to inform the user of what the program does, and can also be set to automatically update to newer versions of Windows Genuine Advantage Notifications. It also informs users that may have a non-genuine version of Windows why their Windows version isn't being reported as genuine. However, unlike previous releases, it started being only automatically delivered to Windows machines using four widely distributed product keys.[9]

The latest update (version 1.9.0040.0) was released on March 24, 2009.

WGA Validation Library

Microsoft includes the Windows Genuine Advantage Validation Library in several products, such as Windows validation tool or Windows Media Player 11, to check the validation about all Windows software. As of version 7, Internet Explorer no longer requires the user to pass a Windows Genuine Advantage test in order to download or install the software.

The WGA Validation Library is also included in the Microsoft Security Essentials 2.0 and validate the Windows installation whether it is legitimate or not. The program will stop working after 30 days once it failed the validation process.

The information is then used in the WGA Library to check for overuse of license keys.

Circumvention

In September 2005, Microsoft filed lawsuits against a number of companies that sold unauthorized copies of software based on information from users who were told they have copyright infringing software by the Windows Genuine Advantage application.[10]

On May 4, 2006, Microsoft announced lawsuits for allegedly distributing unauthorized copies of Windows against eDirectSoftware of Montana, and Chicago-area resellers Nathan Ballog and Easy Computers.[11]

Notifications and firewalls

Some personal firewalls, though not one embedded in Windows, may alert on the method by which wgatray.exe is started; in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems.

A tool has been released by a firewall vendor to prevent WGA Notifications transmitting information from one's PC.[12]

Data collected

Through Windows Genuine Advantage, Microsoft collects the following data:[13] [14]

WGA in China

On October 20, 2008, many users of Windows XP in China received a black desktop, as Microsoft introduced its WGA system for Chinese language systems[15] [16] [17] in an effort to combat copyright violation, which is extremely common in China.

Since the majority of users in China run unlicensed copies of Windows, many users have experienced what is described as a "black screen syndrome", where the operating system changes the desktop background to a black screen, as well as displays constant warning messages.[18] [19]

Some users have even reported the disabling of Office programs such as Microsoft Word, PowerPoint and Outlook.[20]

According to various polls carried out by Chinese portals such as Sohu.com, QQ.com, 21cn.com, and many others, a large number (over 60% of those surveyed) of Chinese Internet users are hostile to Microsoft Windows Genuine Advantage (WGA) and Office Genuine Advantage (OGA).[21]

Criticisms

Time bomb

Even if WGA does not really make the operating system unusable, no updates except critical ones can be downloaded from Microsoft. Rather than just disallowing updating, Windows Vista originally ran in reduced-functionality mode if found by WGA to be compromised[22] [23] if a product has not been considered genuine which has made some people compare WGA to time bomb software.[24] [25] [26] Windows Vista SP1 and SP2 have removed this behavior and reverted to the nag-only methods of Windows XP.[27]

Spyware accusations

The notification tool has been accused of spyware-like behavior, "phoning home" on a daily basis.[28] [29] [30] Microsoft subsequently admitted the behaviour, but denied that it amounted to spyware.[31] [32] Following pressure, Microsoft announced that in future the tool would only phone home once every two weeks, instead of every day.[33] Microsoft has also provided removal instructions for the pilot version of WGA.[34]

Despite this, Microsoft was sued under anti-spyware statutes over WGA's non-disclosed "phone home" behaviour.[35] The lawsuit has since been dismissed.[36]

False positive rate

The WGA program can produce false positives (incorrectly identifying a genuine copy of Windows as "not genuine"). This can happen for any number of reasons such as failed updates, etc. Microsoft has established a forum to help users encountering problems.[37] In February 2007, a "Not Sure" section was added to the program, in case of an incorrect reading.[38]

According to an Ars Technica editorial, WGA reported around 22% of 500 million Windows computers as failing the test; of these less than 0.5% were due to unauthorized software, with the balance (over 20%, or 90% of all positives) related to edge cases. Microsoft "refused to comment on the rate of pure false positives" beyond saying it was "under 1%" (or as stated, at most around 5 million users affected).[39]

False negatives

On June 18, 2007, it surfaced that it is possible to positively validate as a "Genuine Microsoft Product" user (and as a result be able to download certain software from Microsoft's official website) using Internet Explorer with IEs4Linux and Wine, running on Linux,[3] without having Windows installed.

Major failures in WGA system

On October 5, 2006, a WGA failure occurred, incorrectly flagging some systems as being non-genuine.[40]

On August 25, 2007, the Microsoft WGA servers suffered an outage, resulting in many legitimate copies of Windows XP and Vista being marked as counterfeit.[41]

The issue was solved about 12 hours later. According to Microsoft, "fewer than 12,000 systems were affected worldwide."[42]

On July 18, 2008, reports of Microsoft's WGA and OGA servers being offline surfaced again. Microsoft later responded that only offline verification was temporarily down.[43]

See also

External links

Notes and References

  1. Web site: The Windows Genuine Advantage (WGA) validation check process does not complete when you try to validate your copy of Windows Vista, Windows XP, or Windows 2000 Professional. Microsoft. 2009-04-13. 2009-03-14. https://web.archive.org/web/20090314082333/http://support.microsoft.com/kb/905226. live.
  2. Web site: WGA dubbed Windows Activation Technologies with Windows 7 . 7 May 2009 . 2017-06-15 . 2012-01-12 . https://web.archive.org/web/20120112113507/http://arstechnica.com/microsoft/news/2009/05/for-windows-7-microsoft-renames-wga-to-wat.ars . live .
  3. Web site: Ubuntu Linux Validates As Genuine Windows . Slashdot . 2007-06-18 . 2019-02-26 . 2019-04-02 . https://web.archive.org/web/20190402195725/https://linux.slashdot.org/story/07/06/18/0037223/ubuntu-linux-validates-as-genuine-windows . live .
  4. http://support.microsoft.com/kb/905474/ Microsoft.com – Description of the Windows Genuine Advantage Notifications application
  5. Web site: Description of the update for Windows Activation Technologies . 2011-04-30 . 2015-02-23 . https://web.archive.org/web/20150223133233/http://support.microsoft.com/kb/971033 . live .
  6. Web site: Agarwal . Amit . WGA Notifications: This copy of Windows is not genuine . Digital Inspiration . 17 September 2021 . https://web.archive.org/web/20060630025819/http://labnol.blogspot.com/2006/04/wga-notifications-this-copy-of-windows.html . dead. 30 June 2006.
  7. Announcement on usenet entitled "Windows Genuine Advantage – warning appears on activated machine" by Rubert Sland
  8. http://www.smh.com.au/news/breaking/microsoft-back-to-drawing-board-on-piracy/2005/08/08/1123353252441.html?oneclick=true Sydney Morning Herald – Microsoft back to drawing board on piracy
  9. http://blogs.msdn.com/wga/archive/2006/11/29/new-wga-notifications-released.aspx MSDN Blogs – New Windows Genuine Advantage Notifications Released
  10. Microsoft Files Lawsuits to Protect Consumers and Software Resellers. June 13, 2006. https://archive.today/20120910044100/http://www.microsoft.com/en-us/news/press/2005/sep05/09-19PiracyEnfSept05PR.aspx. September 10, 2012.
  11. http://www.informationweek.com/story/showArticle.jhtml?articleID=187200796 InformationWeek – Microsoft: Users may have to prove legal Windows use
  12. Web site: The Register – How to stop Microsoft's WGA phoning home . . 2017-08-10 . 2017-08-10 . https://web.archive.org/web/20170810131146/https://www.theregister.co.uk/2006/06/22/wga_remove/ . live .
  13. http://windows.microsoft.com/en-US/windows/genuine/privacy-statement What data is collected? -Microsoft
  14. http://www.groklaw.net/article.php?story=20060608002958907 Microsoft's Calling Home Problem: It's a Matter of Informed Consent
  15. Web site: 微软发出"黑色提醒" . 2008-10-20 . 2012-03-20 . https://web.archive.org/web/20120320205946/http://wzdsb.66wz.com/system/2008/10/19/100853032.shtml . live .
  16. Web site: 微软开始打击盗版 桌面背景变为黑色 . 15 October 2008 . 2008-10-20 . 2017-07-07 . https://web.archive.org/web/20170707112625/http://tech.163.com/08/1015/19/4OANN9V8000915BD.html . live .
  17. Microsoft Peeves Chinese With Anti-Piracy Tactics – Wired.com . Wired . 2008-10-20 . 2009-02-20 . https://web.archive.org/web/20090220074142/http://blog.wired.com/business/2008/10/microsoft-peeve.html . live . Schiffman . Betsy .
  18. Web site: 对网上盛传的《微软详解Vista SP1封杀盗版激活》三点质疑 . 2008-10-20 . 2012-03-20 . https://web.archive.org/web/20120320115421/http://hi.baidu.com/guoguo6688/blog/item/fcc44fc6f05d541f9d163d86.html . live .
  19. Web site: 盗版的噩梦?Vista SP1新的反盗版技术 . 2008-10-20 . 2011-09-11 . https://web.archive.org/web/20110911232704/http://www.cbifamily.com/software/softsystem/2008-02-25/1203920558d1083.html . live .
  20. Web site: 微软开始打击盗版 桌面背景变为黑色 . 2008-10-20 . 2012-12-13 . https://web.archive.org/web/20121213174259/http://it.icxo.com/htmlnews/2008/10/16/1310099.htm . live .
  21. Web site: Panicking users rail against Microsoft anti-piracy crackdown . 2008-10-20 . 2016-12-23 . https://web.archive.org/web/20161223165348/http://www.china.org.cn/china/national/2008-10/17/content_16630207.htm . live .
  22. Web site: ZDNet . 2007-04-04 . 2009-09-23 . https://web.archive.org/web/20090923034443/http://content.zdnet.com/2346-12554_22-56027-3.html . dead .
  23. Web site: The Ed Bott Report Page 221 . 2007-04-04 . 2008-12-23 . https://web.archive.org/web/20081223003408/http://blogs.zdnet.com/Bott/?p=221 . dead .
  24. News: Onerous Vista Activation—A Time Bomb? . PC Magazine . John C. . Dvorak . October 16, 2006 . September 18, 2017 . July 10, 2009 . https://web.archive.org/web/20090710115347/http://www.pcmag.com/article2/0,1895,2031647,00.asp . live .
  25. News: Windows Genuine Advantage: A Ticking Time Bomb? . Fox News . October 19, 2006 . April 4, 2007 . May 23, 2007 . https://web.archive.org/web/20070523040056/http://www.foxnews.com/story/0,2933,222518,00.html . live .
  26. Web site: » Is Microsoft about to release a Windows “kill switch”? Ed Bott’s Microsoft Report . 2007-04-04 . 2010-03-27 . https://web.archive.org/web/20100327094145/http://blogs.zdnet.com/Bott/?p=84 . dead .
  27. Web site: New WGA Behavior in Windows Vista Service Pack 1 . 2008-01-01 . 2007-12-29 . https://web.archive.org/web/20071229194557/http://www.winsupersite.com/showcase/winvista_sp1_wga.asp . live .
  28. http://lauren.vortex.com/archive/000178.html Lauren Weinstein's Blog – Windows XP update may be classified as 'spyware'
  29. http://news.zdnet.com/2100-3513_22-6081286.html?tag=nl.e589 Microsoft's antipiracy tool "phones home" daily
  30. Web site: Windows Secrets – Genuine Advantage is Microsoft spyware. June 15, 2006. 2007-03-03. Brian Livingston. Newsletter. Windows Secrets. 2007-03-02. https://web.archive.org/web/20070302110002/http://windowssecrets.com/comp/060615#story1. live.
  31. https://arstechnica.com/news.ars/post/20060608-7017.html Ars Technica – Microsoft admits Windows Genuine Advantage phones home
  32. http://lauren.vortex.com/archive/000179.html Lauren Weinstein's Blog – Microsoft responds regarding Windows XP gr update vs Spyware
  33. https://web.archive.org/web/20060613014110/http://news.zdnet.com/2100-1009_22-6082334.html ZDNet – Microsoft to ease up on piracy check-ins
  34. Web site: How to disable or uninstall the pilot version of Microsoft Windows Genuine Advantage Notifications. July 12, 2006. Microsoft. December 30, 2006. February 24, 2015. https://web.archive.org/web/20150224142934/http://support.microsoft.com/kb/921914. live.
  35. http://www.seattlepi.com/business/275780_msftsuit29.html Lawsuit calls Microsoft's anti-piracy tool spyware | Seattle Post-Intelligencer
  36. https://arstechnica.com/microsoft/news/2010/02/microsoft-wins-windows-xp-wga-lawsuit.ars Microsoft wins windows xp wga lawsuit | Ars Technica
  37. Web site: Microsoft WGA Help Forum . 2006-09-10 . 2006-08-23 . https://web.archive.org/web/20060823022744/http://forums.microsoft.com/Genuine/ShowForum.aspx?ForumID=442&SiteID=25 . dead .
  38. https://arstechnica.com/old/content/2007/02/8922.ars Ars Technica: Windows Genuine Advantage's newest setting: "You might be a pirate"
  39. Web site: Windows Genuine Advantage falsely accuses millions. Fisher. Ken. January 24, 2007. Ars Technica. Condé Nast. October 31, 2017. November 7, 2017. https://web.archive.org/web/20171107004451/https://arstechnica.com/uncategorized/2007/01/8690/. live.
  40. Web site: WGA failure on October 5th, 2006 . 2007-08-27 . 2009-07-08 . https://web.archive.org/web/20090708030308/http://blogs.msdn.com/wga/archive/2006/10/05/WGA-service-outage.aspx . live .
  41. Web site: Microsoft WGA Help Forum citing response from MS Support . 2007-08-25 . 2008-04-18 . https://web.archive.org/web/20080418155315/http://forums.microsoft.com/Genuine/ShowPost.aspx?PostID=2053834&SiteID=25 . live .
  42. Web site: Update on Validation Issues . 2007-08-28 . 2009-07-18 . https://web.archive.org/web/20090718221806/http://blogs.msdn.com/wga/archive/2007/08/27/update-on-validation-issues.aspx . live .
  43. Web site: Users reporting failed Windows and Office validations or.. (Updated) . 18 July 2008 . 2017-06-15 . 2008-09-17 . https://web.archive.org/web/20080917230258/http://arstechnica.com/news.ars/post/20080718-microsofts-wga-and-oga-servers-are-down-again.html . live .