

Microsoft Investigating OEM Activation Hacks

By Kevin McLaughlin
April 12, 2007    5:14 PM ET

Microsoft is looking into reports of attacks targeting its OEM BIOS-based activation, which could enable hackers to circumvent the product activation measures built into Windows Vista and XP.

OEM BIOS activation, or OA, allows PC makers and system builders to preactivate Windows for their customers via a System-Lock Pre-Installation.

OA 1.0 was introduced with Windows XP to make it easier for OEMs to show that the Windows licenses shipping with PCs are valid. OA 2.0 is the version that ships with Windows Vista.

In a Tuesday blog post, Alex Kochis, senior product manager in the Windows Genuine Advantage group, said Microsoft is aware of two types of OA 2.0 hacks that are circulating in the wild.

The first hack involves editing the BIOS on the motherboard, but this method is risky and not conducive to mass replication, making it less of a threat, wrote Kochis. "If you mess up editing the BIOS of any motherboard, you can quite easily render it permanently useless," he wrote.

The second variant targets Windows Vista and uses a software-based approach to trick the operating system into functioning as if it's running on OA 2.0-enabled hardware, according to Kochis.

Marc Harrison, an engineer at Silicon East, a Manalapan, N.J.-based solution provider, hadn't heard of the OA hacks, but said he'd be "very concerned" if they were to become widespread. "As a system builder and OEM, we only provide legitimate software, and if we're going to be undercut by unscrupulous people supplying bootleg versions, that would be a problem," he said.

Software pirates have been using BIOS editing tricks to get around activation since the release of Windows XP, but Vista makes the process much more difficult. As a result, hackers are marshaling their efforts to crack OA 2.0, Kochis wrote.

In responding to the hacks, Microsoft will seek to "disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims," according to Kochis.
