Microsoft closes in on Vista BIOS crack

Microsoft is studying a BIOS hack that allows pirates to circumvent the anti-piracy features that are built into the Windows Vista.

Reports about the crack started circulation online a few weeks ago. The method uses a feature that allows system builders to qualify new computers as licensed by inserting a short digital marker in the BIOS. Upon detection of this special marker, Windows XP and Vista bypass product activation and anti-piracy checks.

This OEM Activation programme is limited to large original equipment manufacturers (OEMs) with which Microsoft has a direct relationship.

The basic input/output system (BIOS) is software that is built into a computer's mother board. It provides a computer with the first instructions when it is booted up, allowing the operating system to start loading and components like the keyboard, display and disk drives to function.

Users looking to install a pirated copy of Windows Vista however can use the BIOS markers to bypass the product activation check too.

Crackers could go into the BIOS and change its content to make it appear to be from a qualifying OEM. That method however is labour intensive and risky: a single programming error can permanently disable a motherboard.

A more popular method uses special software that fools Windows into believing that it is running on a qualifying system.

"While this method is easier to implement for the end user, it's also easier to detect and respond to than a method that involves directly modifying the BIOS of the motherboard," Alex Koc, a senior program manager for Microsoft's Windows Genuine Advantage programme wrote on a company blog.

While he wouldn’t say if the company plans to respond, he mentioned that the company is monitoring the situation.

"Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows. Our first goal is to disrupt the business model of organised counterfeiters and protect users from becoming unknowing victims. This means focusing on responding to hacks that are scalable and can easily be commercialised, thereby making victims out of well-intentioned customers."

Microsoft has seen cases of BIOS hacks on Windows XP over the past few years, he added, but they were limited in their scope. Koc suggested that there were easier methods of cracking Windows XP's piracy protections that kept people from using the BIOS crack.

"Because Windows Vista can't be pirated as easily as Windows XP, it's possible that the increased pressure will result in more interest in efforts to hack the OEM Activation 2.0 implementation."