Feeds

Corp Windows 2003 Server WPA key escapes

Wide open ahead of the rollout again...

  • alert
  • submit to reddit

Security for virtualized datacentres

Microsoft has suffered another one of those embarrassing corporate Windows Product Activation key leaks, for Windows Server 2003 this time, almost three weeks ahead of the product's scheduled release. According to discussion at Neowin, this key is for three versions of 2003 Server, i.e. Standard, Enterprise and Datacenter editions; it does not however apply to the retail edition of the software, which is similar to the case of the fabled XP corporate key leak, which did not work with XP Home.

This however won't necessarily make a lot of difference, as a conversion routine is circulating which allegedly allows an RTM Retail version to be turned into the corporate version. And a "Windows Server 2003 3-in-1 corporate" is reported to be available on Usenet, so it would appear Microsoft's best efforts to stop its software being copied have been defeated before the rollout again.

Does it matter? Probably not greatly, because so long as Microsoft is prepared to issue 'magic' keys that set its software installations in motion without phoning home, those keys are going to leak. Microsoft is, effectively, subverting its own protection systems, and knows this. It is however difficult for it to stop doing so, at least in this rev of WPA, because its treasured business customers won't put up with the hassle of online activation.

Microsoft tackled the XP key leaks by denying SP1 Windows Update service to invalid keys. Prior to this, however, WPA had been sufficiently disentangled and subverted for key generation routines to be produced. These chug out workable corporate keys for several Microsoft products, so the earlier leaked keys had been rendered obsolete in the warez community anyway.

The impact of the Server 2003 leak will likely be rather less than the XP one (which itself doesn't seem to have had a totally visible impact in Microsoft's profit margins). Whereas swiped editions of XP Professional will tend to be run by individuals and therefore needn't be terribly obvious to Microsoft, anybody using a hot version of Server for what it's supposed to be for (i.e., running a business network) will be rather more likely to attract the gimlet eye of the antipiracy squad. And the further up the business network you go, the more likely you are to get hit by an audit.

So small key leak, not many bucks lost by MS. But no doubt quantities of geeks who're no better than they should be will shortly be running 2003 Server, which they'd never have bought anyway, as a standalone system. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
Yes, Virginia, there IS a W3C HTML5 standard – as of now, that is
You asked for it! You begged for it! Then you gave up! And now it's HERE!
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.