Windows Genuine Advantage | |
Developer: | Microsoft |
Latest Release Version: | 1.9.42.0 |
Operating System: | Windows XP to Windows 7 |
Platform: | IA-32, x86-64 |
Genre: | Copy protection, digital rights management |
License: | Proprietary (same as Windows) |
Windows Genuine Advantage (WGA) was an anti-infringement system created by Microsoft used to validate the licences of several Microsoft Windows operating systems upon accessing services such as Windows Update and Microsoft Download Center.
It consisted of two components: an installable component called WGA Notifications that hooks into Winlogon and validates the Windows license upon each logon and an ActiveX control that checks the validity of the Windows license when downloading certain updates from the Microsoft Download Center or Windows Update.
WGA Notifications covered Windows XP and later, with the exception of Windows Server 2003 and Windows XP Professional x64 Edition.
The ActiveX Control checked Windows 2000 Professional licenses as well.[1]
In Windows 7, WGA was renamed Windows Activation Technologies.[2]
Despite its name it does not actually evaluate the integrity or security of any computer.[3]
The WGA validation process validates the present installation of Windows and its license key against the detected computer hardware and determines if the software was licensed from Microsoft. It is accessible by either a stand-alone program, a Netscape-compatible web browser plug-in, or as an ActiveX control within Internet Explorer, the latter of which is relevant to any attempt to access Microsoft updates via its browser. It includes the following steps:
The ActiveX control is downloaded on the first validation and when a new version is available, but the validation itself can be performed any time the user connects to a Microsoft Website to update.
On Windows Vista without service packs, WGA validation failure has a greater impact. In addition to persistent notification and the disabling of non-critical updates, WGA also disables Windows Aero, Windows Defender and Windows ReadyBoost. The user is given a grace period in which to then pass validation, after which most of the operating system is disabled and Windows reverts to reduced functionality mode. This behavior however has been removed in Service Pack 1 of Windows Vista in favor of prominent notices on systems believed unlicensed.
When a user installs Windows Genuine Advantage, an Internet Explorer add-on is installed labeled "Windows Genuine Advantage".
In early releases the tool could be readily disabled with the IE Add-on Management feature.
A Windows Group Policy was added by later updates, causing this option to be unavailable by default, but still accessible if the policy were removed. As of July 2006, the latest update blocks management by other means.
The program uses either a stand-alone program to generate a key or an ActiveX control to discover whether the license key is valid; either way an Internet connection is required.
On Windows XP, if WGA determines that a user's copy of Windows is unauthorized but was installed from seemingly legitimate media (i.e., the CD/DVD and holographic emblem present on real copies of Windows seems genuine), then Microsoft will supply the user with a new CD/DVD. However, newer versions of Windows will still require the user to purchase a new copy. Microsoft also offers discounts to people who want to purchase a legitimate copy of Windows but do not have a valid CD. Microsoft has indicated that they will continue to deliver critical security updates through their Automatic Updates service as well as via the Microsoft Download Center, so that all systems, including those that fail to pass validation, will still continue to receive critical security updates.
The company has made installation of Windows Genuine Advantage a requirement for use of the Windows Update and Microsoft Update websites, in part to be sure that customers who use support resources of the company are aware when their software is unlicensed. According to Microsoft themselves, it is legal to run Microsoft Windows without Windows Genuine Advantage .
However, since non-critical Windows updates are not presented by Automatic Updates, installation of WGA is required for installation of such non-critical updates, which are only available through Windows Update or the Microsoft Download Center.
On April 25, 2006, Microsoft began distributing Windows Genuine Advantage Notifications[4] as "critical update" KB905474 to Windows users. For Windows 7, KB971033 has the same function.[5] Back in 2006, users with copies the WGA believed to be unlicensed were exposed to alerts[6] at startup, login, and during use of the Windows OS, stating that they do not have a genuine copy of Windows. Users with legitimate copies are not supposed to see the alerts (although some do anyway[7]). On May 23, 2006, Microsoft updated the program, closing some forms of circumvention, but reportedly not all.[8] It was updated again on May 30, June 6 and June 27, 2006, though some forms of circumvention are still usable. The latest versions do not roll out worldwide at the same time: the dates given are the earliest dates on which the versions appeared, so the actual version being offered in some places will be an earlier version than the latest release. It is still possible to opt out of receiving this update using the "do not show" option at the Windows Update site (Windows XP), and the "Hide" option in the right-click menu of Windows Update in Control Panel (Windows Vista/7/8). In addition to these notifications, Windows Genuine Advantage will also notify users with the message "This version of Windows XP is no longer secure" if users on an XP Operating System are not using Service Pack 3, and it will provide a link to help users to update their systems to the new service pack.
The version of Windows Genuine Advantage Notifications released November 29, 2006, had a changed install process to inform the user of what the program does, and can also be set to automatically update to newer versions of Windows Genuine Advantage Notifications. It also informs users that may have a non-genuine version of Windows why their Windows version isn't being reported as genuine. However, unlike previous releases, it started being only automatically delivered to Windows machines using four widely distributed product keys.[9]
The latest update (version 1.9.0040.0) was released on March 24, 2009.
Microsoft includes the Windows Genuine Advantage Validation Library in several products, such as Windows validation tool or Windows Media Player 11, to check the validation about all Windows software. As of version 7, Internet Explorer no longer requires the user to pass a Windows Genuine Advantage test in order to download or install the software.
The WGA Validation Library is also included in the Microsoft Security Essentials 2.0 and validate the Windows installation whether it is legitimate or not. The program will stop working after 30 days once it failed the validation process.
The information is then used in the WGA Library to check for overuse of license keys.
In September 2005, Microsoft filed lawsuits against a number of companies that sold unauthorized copies of software based on information from users who were told they have copyright infringing software by the Windows Genuine Advantage application.[10]
On May 4, 2006, Microsoft announced lawsuits for allegedly distributing unauthorized copies of Windows against eDirectSoftware of Montana, and Chicago-area resellers Nathan Ballog and Easy Computers.[11]
Some personal firewalls, though not one embedded in Windows, may alert on the method by which wgatray.exe is started; in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems.
A tool has been released by a firewall vendor to prevent WGA Notifications transmitting information from one's PC.[12]
Through Windows Genuine Advantage, Microsoft collects the following data:[13] [14]
On October 20, 2008, many users of Windows XP in China received a black desktop, as Microsoft introduced its WGA system for Chinese language systems[15] [16] [17] in an effort to combat copyright violation, which is extremely common in China.
Since the majority of users in China run unlicensed copies of Windows, many users have experienced what is described as a "black screen syndrome", where the operating system changes the desktop background to a black screen, as well as displays constant warning messages.[18] [19]
Some users have even reported the disabling of Office programs such as Microsoft Word, PowerPoint and Outlook.[20]
According to various polls carried out by Chinese portals such as Sohu.com, QQ.com, 21cn.com, and many others, a large number (over 60% of those surveyed) of Chinese Internet users are hostile to Microsoft Windows Genuine Advantage (WGA) and Office Genuine Advantage (OGA).[21]
Even if WGA does not really make the operating system unusable, no updates except critical ones can be downloaded from Microsoft. Rather than just disallowing updating, Windows Vista originally ran in reduced-functionality mode if found by WGA to be compromised[22] [23] if a product has not been considered genuine which has made some people compare WGA to time bomb software.[24] [25] [26] Windows Vista SP1 and SP2 have removed this behavior and reverted to the nag-only methods of Windows XP.[27]
The notification tool has been accused of spyware-like behavior, "phoning home" on a daily basis.[28] [29] [30] Microsoft subsequently admitted the behaviour, but denied that it amounted to spyware.[31] [32] Following pressure, Microsoft announced that in future the tool would only phone home once every two weeks, instead of every day.[33] Microsoft has also provided removal instructions for the pilot version of WGA.[34]
Despite this, Microsoft was sued under anti-spyware statutes over WGA's non-disclosed "phone home" behaviour.[35] The lawsuit has since been dismissed.[36]
The WGA program can produce false positives (incorrectly identifying a genuine copy of Windows as "not genuine"). This can happen for any number of reasons such as failed updates, etc. Microsoft has established a forum to help users encountering problems.[37] In February 2007, a "Not Sure" section was added to the program, in case of an incorrect reading.[38]
According to an Ars Technica editorial, WGA reported around 22% of 500 million Windows computers as failing the test; of these less than 0.5% were due to unauthorized software, with the balance (over 20%, or 90% of all positives) related to edge cases. Microsoft "refused to comment on the rate of pure false positives" beyond saying it was "under 1%" (or as stated, at most around 5 million users affected).[39]
On June 18, 2007, it surfaced that it is possible to positively validate as a "Genuine Microsoft Product" user (and as a result be able to download certain software from Microsoft's official website) using Internet Explorer with IEs4Linux and Wine, running on Linux,[3] without having Windows installed.
On October 5, 2006, a WGA failure occurred, incorrectly flagging some systems as being non-genuine.[40]
On August 25, 2007, the Microsoft WGA servers suffered an outage, resulting in many legitimate copies of Windows XP and Vista being marked as counterfeit.[41]
The issue was solved about 12 hours later. According to Microsoft, "fewer than 12,000 systems were affected worldwide."[42]
On July 18, 2008, reports of Microsoft's WGA and OGA servers being offline surfaced again. Microsoft later responded that only offline verification was temporarily down.[43]