Product activation system flaw found in Windows 7

By

Follows earlier server message block problem.

More flaws have been discovered in Microsoft's Windows 7.

Product activation system flaw found in Windows 7

Reports have surfaced that Windows 7's product activation system has been cracked. Richard Kirk, Fortify's European director, said: "The RemoveWAT utility - also known as ChewWGA - exploits at least one of several probable security flaws on Windows 7 to allow a user to bypass the Windows Genuine Advantage registration procedure.

"This type of crack appeared shortly after Windows Vista went on sale in January 2007 and was solved when Microsoft issued an update. Similar utilities for Windows XP also started appearing in the summer of 2005, shortly after the Windows Genuine Advantage system was made mandatory in July of that year."

He further claimed that he expects Microsoft to retroactively re-engineer Windows 7 to prevent any registration loopholes from being exploited, and advised to check and keep checking for flaws.

"More than anything, this highlights the fact that the sheer size of programs these days means that code loopholes will slip through the net unless you are scrutinising them regularly from the moment they are written whether designed in-house or commercially," said Kirk.

An exploit was discovered last week by white hat researcher Laurent Gaffié after Windows 7 was omitted from any fixes on Patch Tuesday, when he detected a flaw in the server message block (SMB) which could be used by attackers to kill Windows 7 and WS2K8 R2 systems. A patch was pushed out at the end of last week for the vulnerability.

Chris Merritt, director of solution marketing at Lumension, said: “Disturbingly, there seems to be no blue screen of death to indicate you've been hit – it just crashes the kernel and you see nothing. In it's analysis of the issue, Microsoft suggests in its Security Advisory 97544 that you block TCP ports 139 and 445 at the firewall.

“While this is the first zero-day vulnerability found in Redmond's latest and greatest, it will not be the last. That's why it's as important as ever to stay current with all patches (and not only those coming from MS) and think through your defence-in-depth strategy.”

See original article on scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
activationblockflawmessagemicrosoftproductsecurityserversystemwindows

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul
CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
WestJet probes cyber security incident

WestJet probes cyber security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?