Pirates have found a loophole in the Windows 8 activation chain

The most difficult part of installing and using a pirated copy of Windows 8, apart from making sure that it does not contain any hidden malware, is getting it activated. Each Windows 8 installation requires a unique key, which is different from previous versions of Windows where so called Volume Keys were available and widely distributed.

A loophole has recently been discovered that can activate pirated versions of Windows 8 permanently. The loophole takes advantage of Microsoft's ongoing Windows Media Center promotion that is giving away free keys for the upgrade to Windows 8 Pro users. So, after installation of Windows 8 Pro on a PC and the activation via KMS, entering the Windows Media Center promo key is all it takes to get the system activated for good.

The Media Center keys are given away for free by Microsoft until January 31, 2013 after which they will be offered for a price. To enter the code in Windows 8 Pro, you search for add features using the new Charms Bar search. A click on Add features to Windows 8, the selection of I already have a product key, and the entering of the product key that Microsoft sent to you is all it takes to activate Windows 8 permanently.

This works because there is no check for the legitimacy of the underlying operating system when the new key is verified and the system turned into Windows 8 Pro with Media Center. The key that is entered in the process is the new product key that Windows uses for activation checks in the future and not the key that was originally entered during installation of the system.

Read also:  Microsoft 365: Windows and Office subscription bundle

The system is permanently activated after the procedure, which you can verify by opening the activation window which should read "Windows is activated" and no longer "Windows is activated until".

Below is a screenshot of Windows Activation of a legit Windows 8 Pro system. It also shows the "add features" button.

windows is activated

The big issue for Microsoft is the missing check of the underlying operating system key when the upgrade is being processed. Coupled with an anonymous process to get a key for the Windows Media Center upgrade - all that you need is to enter an email address, any email address - it is almost certain that the method will  be exploited heavily in the coming weeks.



Microsoft could prevent that from happening by adding a check for the product key of the underlying system to the upgrade process. (via Reddit, thanks Ilev)

 

 

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail


Filed under:


Responses to Pirates have found a loophole in the Windows 8 activation chain

  1. Midnight November 21, 2012 at 10:09 am #

    Another blooper from the folks @Microsoft!

    There are numerous (working) Activators available all over the web that seem to make Win8 legit, based on posts on those sites, so regardless of how hard Microsoft tries to limit/restrict illegal copies of their latest O/S from being used, there are people way smarter than them who have found ways to activate their products!

    Pirating wares is a way of life and not about to change any time soon!

  2. Locutus November 21, 2012 at 10:15 am #

    Honestly, if I didn't already have Windows 8, this is so easy I'd do it. I'd totally do it.

  3. britesyde November 21, 2012 at 11:07 am #

    Hey, look at the bright side, at least now more people will install Win 8 right?

  4. Nerdebeu November 21, 2012 at 11:17 am #

    the method is known since the day of launch of 8

  5. steve November 21, 2012 at 12:11 pm #

    Hey i pirate all my software for free but i wouldn't use windows 8 even if they paid me, its a fail OS!

    • clas November 22, 2012 at 3:42 pm #

      hahahhah,,,great comment, Steve,...i feel the same.
      remember the days when any savvy tech would not
      buy a new operating system till after they released the
      first service pack. and sometimes "new" is not better
      at all.

  6. EuroScept1C November 21, 2012 at 12:40 pm #

    That's 100% intented, I think. With Microsoft's blessing... MS is not as foolish as we might think.

    Win 8 does not go so well; they also disabled the previous method ( loader ). So, they had to do something to help spread...

  7. Bill S. November 21, 2012 at 12:54 pm #

    Can anyone tell me if you can install Windows 8 without a key? I have an older P4 Dell that is running Windows XP (SP3) and I would like to take advantage of the $39.99 upgrade offer. when I run Windows 8 Advisor it tells me that it may not work because of support for NX. I did not want to purchase the key then find out it wouldn't work so I thought I would install then purchase key if it worked.
    Anyone know if I can do this?

    • ilev November 21, 2012 at 1:15 pm #

      You can still download a preview version and test it.

      • Bill S. November 21, 2012 at 1:21 pm #

        Will the preview version roll back if it doesn't work? Where can I get the preview version?

  8. Paul B. November 21, 2012 at 1:32 pm #

    I would expect this vulnerability to get plugged in about 13 microseconds.

  9. Paul(us) November 21, 2012 at 7:50 pm #

    Lmao, What a mistake there are totally sleeping there at Silicon valley.

  10. lookmann November 21, 2012 at 7:06 pm #

    oh oh Martin,
    this is like saying ' my dad is not in the attic' [ a kid to police who were looking for him]
    now you should understand why you're in the cross-hairs of MS & Google!
    jokes apart, win 8 activation is still a mine-field, with mail id requirements.anyone over-stepped this & activated?

  11. X November 23, 2012 at 4:17 am #

    You don't even have to use a "valid" e-mail addy to get your key. A temp one will do.
    Which could fuel the M$hit "conspiracy" theory even more.
    Just my 2c.

  12. Connie Fernandez November 28, 2012 at 9:12 pm #

    Hi Mark,
    The only trial download version available is Enterprise. It doesn't have a way to add media center pack. :(
    Is there a way to download Win8 Pro eval?

  13. Sixx November 29, 2012 at 4:31 pm #

    Personally i paid for Windows 8 due to the fact it has more support for SSD. and a few other things but the MetroUI Sucks. but people work hard on putting a OS out on the market and people should pay if they plan on running it longer then 3 months. Pirating soft is bad you never know if there is a virus or not pre-installed.... People have jobs support them they work hard.

  14. teknologic December 29, 2012 at 9:56 pm #

    The question here is—is it really necessary to hack Windows 8 to load it on your computer when an OS of XP or later entitles you to a $40 Upgrade? NO
    In fact, what if you have a computer with a XP COA on it, and the hard drive is Empty. How do you get Windows 8 on it, if you have no XP disk? I know how to put Windows 8 on a computer that qualifies for a Windows 8 upgrade even if you don't have the OEM Software loaded on it, like XP for $40 and MS.com approves it with their Upgrade tool. No Hacks, no Tweaks, just simple understanding how software works.. I have not installed windows 8 on the computer, cause I think the hardware is a bit outdated and lack the Graphics Hardware needed. However, I did step thru the whole process to see if MS.com would allow me to get up to the point of Ordering Windows 8 for $40 and Windows XP OEM was not even running on the computer.
    Drop me a note, and ask Kindly and I will tell you. I do know this, NO ONE has posted this method yet that I know of, the last time I checked, and I found discovered this by myself back in August..

Leave a Reply