A tool provided by Microsoft could let people get around a check meant to prevent those with pirated copies of Windows from downloading additional software from the company, according to a security researcher.
Researcher Debasis Mohanty outlined what he said was a technique to trick Microsoft’s Windows Genuine Advantage validation check in a posting to the Full Disclosure security mailing list on Monday. WGA is a software tool that verifies whether a particular copy of the operating system is properly licensed.
Using a secondary Microsoft validation tool called “GenuineCheck.exe,” it may be possible for people to trick the checking mechanism, Mohanty said in the posting. They could then download and run supposedly restricted software from Microsoft’s Download Center on a PC running a pirated version of Windows, Mohanty wrote.
Microsoft confirmed that the technique could circumvent the piracy check, but a representative said Monday that the company is not worried.