RealTime IT News

Pirated Vista, Office 2007 Already on The 'Net

In today's That-Was-Quick Department, pirates have already gotten their hands on Windows Vista and are circulating a "cracked" version of the operating system on the Internet.

Vista and Office 2007 have just finished development and are being made available to corporate customers in advance of their January 30 release. But if you know where to look online, you can find both products already.

In the case of Vista, the purported "crack" isn't really a crack to get around the activation process. According to the techie hobbyist site Ars Technica, the hackers replaced components in the final code with bits from from earlier betas of Vista.

This allows the would-be pirate to use a product key that worked with the betas and two release candidates and skip the entire activation process.

In the case of Office 2007, the Enterprise edition has leaked onto the Internet, and because it uses a volume license key, it does not require activation over the Internet.

The free ride won't last long. Microsoft said it was aware of the hacks, and how they were done. "The unauthorized download relies on the use of pre-RTM activation keys that will be blocked using Microsoft's Software Protection Platform. Consequently, these downloads will be of limited use," a Microsoft  spokesperson told internetnews.com.

Beyond the fact that the hacked software will be shut off, installing it is just crazy, claimed Greg DeMichillie, lead analyst with research firm Directions on Microsoft.

"A whole lot of the versions of Windows XP that show up on download sites aren't just modified to bypass activation. They carry spyware. So you install them and they immediately turn into zombies or botnets," he said.

He pointed out that it's possible even to install a rootkit despite Vista's vaunted PatchGuard kernel protection. The rootkit can be installed to the files on the installation, which are merely compressed and not installed yet.

"I would never install that [hacked Vista and Office], because they are honey pots used to get you to install them on the system because they are likely loaded up with malware already," he added.

All of these anti-piracy efforts are a cat and mouse game for Microsoft, which has eliminated some vulnerabilities, such as the volume license key for Windows XP. But once a key is leaked, Microsoft has no way to revoke it, and it then gets around the Internet in a nanosecond. In this case, users tempted by a pirated version have been warned of the hidden costs.