Microsoft Allows Bypass of Vista Activation
Livingston, Author of "Windows Vista Secrets"
always says it opposes "software pirates" who sell
thousands of unauthorized copies of Windows.
the Redmond company has made things a
easier for pirates by adding a line to the Registry that can be changed
to 1 to postpone the need to "activate" Vista
most Windows users know, Microsoft has
required "product activation" since the release of Windows XP in
2001. XP must be activated by communicating with servers in Redmond within 30
days of installation. By
contrast, Microsoft Office XP, 2003, and 2007 require activatation
package is used 5 to 50 times, depending on the version, according to a
FAQ. If a
PC has no Internet connection, a user may activate a product by dialing
telephone number in various countries.
activation process will complete successfully only if
software has not been previously activated, such as on a different
activation isn't completed within the trial period, Microsoft products
temporarily shut down some of their features. MS Office loses the
edit and save files. After Vista's
deadline runs out, the user can do little other than use Internet
activate the operating system or buy a new license.
describes its product activation scheme as a way to foil software
pirates. However, as I previously described in an InfoWorld Magazine
Oct. 22, 2001,
activation does nothing to stop mass piracy. The Redmond company actually included in
XP a small file, Wpa.dbl, that makes it easy for pirates to
thousands of machines that validate perfectly.
from stopping software piracy, product activation has primarily been
designed to prevent home users from installing one copy of Windows on a
machine and a personal-use copy on a laptop. As I explained in an
article on Mar. 8,
buying a copyrighted work and making another copy strictly for personal
specifically permitted to consumers by the U.S. Copyright Act and the
laws of many other countries.
example, courts have repeatedly ruled that consumers can make copies of
copyrighted songs or television programs for personal use (not for
or resale). This principle is legally known as "fair use." The home
edition of Microsoft Office 2007 reflects this principle, allowing
activate three copies of a single purchased product.
Windows XP and Vista, however, allow
Microsoft has embedded into its new Vista
operating system a feature that makes things easier than ever for true,
software pirates. These tricksters will be able to produce thousands of
PCs machines that won't demand activation indefinitely — at least for a
Leaving the activation barn
in a Feb. 1 article that the
version of Windows Vista allows itself to be clean-installed to a new
drive. The new Microsoft operating system completely omits any checking
qualifying previous version of Windows. This allows the upgrade version
of Vista to successfully upgrade over
a nonactivated, trial
version of itself.
my article appeared, ZDnet blogger Ed Bott summarized the secret in a
post on Feb. 15. He
flatly states, "You satisfied every condition of the license agreement
aren't skating by on a technicality. The fact that you have to use a
workaround to use the license you've purchased and are legally entitled
own piece, I had speculated that clean-installing the upgrade version
of Vista "probably violates the Vista
EULA (End User
License Agreement)." But more and more computer experts are saying that
the procedure is fully compliant with the EULA and, in any event, is
wrote a follow-up story on Feb. 15. I reported that
Microsoft includes in Vista a
that even novices can use to postpone the product's activation deadline
times. This can extend the deadline from its original 30 days to as
much as 120
days — almost four months.
posted a report on my story on Feb. 17.
The magazine quotes a Microsoft spokeswoman as saying that extending Vista's activation deadline as I described it
not a violation of the Vista End User License Agreement." I'm glad
feature that I've revealing today shows that Microsoft has built into Vista a function that allows anyone to extend
operating system's activation deadline not just three times, but many
The same one-line command that postpones Vista's
activation deadline to 120 days can be used an indefinite number of
first changing a Registry key from 0 to 1.
isn't a hacker exploit. It doesn't require any tools or utilities
whatsoever. Microsoft even documented the Registry key, although
its Technet site.
dishonest PC sellers could use the procedure to install thousands of
of Vista and sell them to
consumers or businesses as legitimately activated copies. This would
violate the Vista EULA, but consumers might not realize this until the
bought started demanding activation — and failing — months or years
following describes the Registry key that's involved.
1. While running a copy of Windows Vista that hasn't yet been
activated, click the Start button, type regedit into the Search
then press Enter to launch the Registry Editor.
2. Explore down to the following Registry key:
\ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ SL
3. Right-click the Registry key named SkipRearm and click
Edit. The default is a Dword (a double word or 4 bytes) with a hex
00000000. Change this value to any positive integer, such as 00000001,
change, and close the Registry Editor.
4. Start a command prompt with administrative rights. The fastest
way to do this is to click the Start button, enter cmd in the
box, then press Ctrl+Shift+Enter. If you're asked for a network
password, provide the ones that log you into your domain. You may be
approve a User Account Control prompt and to provide an administrator
5. Type one of the following two commands and press
command uses Vista's built-in
Licensing Manager (SLMGR) to push the activation deadline out to 30
the command is run. Changing SkipRearm from 0 to 1 allows SLMGR
this an indefinite number of times. Running either command initializes
value of SkipRearm back to 0.
6. Reboot the PC to make the postponement take effect. (After you
log in, if you like, you can open a command prompt and run the command slmgr
-xpr to see Vista's new
and time. I explained the slmgr command and its parameters in
my Feb. 15 article.)
7. To extend the activation deadline of Vista
indefinitely, repeat steps 1 through 6 as necessary.
crooked PC seller with even the slightest technical skill could easily
install a command file that would carry out steps 1 through 6
The program could run slmgr -rearm three times, 30 days apart,
postpone Vista's activation deadline
days. It could then run skip -rearm every 30 days, for a period
months if not years, by first resetting the SkipRearm key.
program could be scheduled to check Vista's
activation deadline during every reboot, and to remind the user to
a month if a deadline was nearing. The buyer of such a PC would never
an activation reminder, much less be required to go through the
happen to buy a Vista PC from a little-known seller, and the price was
too good to be true, use Vista's
function to look for the string SkipRearm in files. You may
that your "bargain" computer will mysteriously start demanding
activation in a year or two — but your product key won't be valid.
asked Microsoft why SkipRearm is included in Vista
if it can be used to create machines that appear not to need activation
long periods. A Microsoft spokewoman replied, "I connected with my
colleagues and learned, unfortunately, we do not have information to
this time." (I can't identify the speaker because the policy of
Microsoft's public-relations firm, prohibits the naming of p.r.
testing of Microsoft's back-door loophole, I've found that the
can be used to postpone the activation deadline one year or longer. It
may not, however, work forever, as I describe below.
Why does SkipRearm even exist
development teaam apparently inserted the SkipRearm loophole to help
corporations work around Microsoft's new Volume Licensing Agreement.
program, which the Redmond
company calls "Volume Licensing 2.0," requires buyers to set up a Key
Management Service (KMS) host, as described by a Microsoft FAQ.
Companies must choose from two types of digital keys and three
methods of activation to validate thousands of individual Vista
machines within the corporate LAN.
of Windows XP, by comparison, requires merely that volume purchasers
use a single product key. Corporate buyers obtain a unique key when
Volume Licensing Agreement. Microsoft has said, however, that most
piracy involves stolen product keys that are used by others to activate
new KMS requirement is intended to discourage such piracy, but it
heavy burden on corporate IT administrators. For example, Microsoft
tool called System Preparation (sysprep.exe) to prepare Vista machines for use. If a system can't be
prepped within 30 days after installation, an admin can run the command
/generalize to postpone the activation deadline another 30 days.
like the slmgr -rearm command, sysprep /generalize will
succeed three times.
work around this, as a Technet document
states, "Microsoft recommends that you use the SkipRearm
you plan on running Sysprep multiple times on a computer." This is
by Microsoft Knowledge Base article 929828.
editor Susan Bradley points out, "The good guys have to go
through this stupid implementation of a KMS deployment because of bad
abusing the system." She strongly feels that users should comply with
Microsoft's EULA provisions. "The operating system license has always
a one-machine install. ... Many of us forget the multiple-install rule
Microsoft Office] since we are so used to the one license, one install
rule," she adds.
TechNet documents, Microsoft recommends the repeated use of SkipRearm.
How many times is "multiple times"? My testing revealed that the
answer is, well, indefinite.
a copy of Vista Ultimate that Microsoft released in New York City on Jan. 29, I found that changing SkipRearm
from 0 to 1 allowed the command slmgr -rearm to postpone Vista's activation deadline eight separate
that, changing the 0 to 1 had no effect, preventing slmgr -rearm
moving the deadline. The use of slmgr -rearm 3 times, plus
8 times would eliminate Vista's
screens for about one year (12 periods of 30 days).
a copy of the upgrade version of Vista
Home Premium that I bought in a retail store on Jan. 30, slmgr
also worked 3 times and SkipRearm worked 8 times before losing
effect. This combination would, as with Vista Ultimate, permit a
of Vista without nag screens
a copy of the full version of Vista
Home Premium that I bought in a retail store on Mar. 14, SkipRearm
had no effect on extending the use of slmgr -rearm at all. This
that Microsoft has slipstreamed a new version into stores, eliminating
feature in Vista Home. That could mean that changing the key from 0 to
now work only in the business editions of Vista — Business, Enterprise, and
Ultimate — so corporations
can use the loophole.
is the usage count of slmgr -rearm stored? Where is the usage
count of SkipRearm stored? These bytes won't be hard for expert
find. The use restrictions may be easily lifted. If so, this would
crooked PC sellers to truly create machines that would never need
The financial impact of
SkipRearm on Microsoft
I'd like to
repeat here that I'm not advocating
that anyone use the above technique to violate Microsoft's EULA or
for Vista. Any company that used SkipRearm
to install Vista on multiple machines
long as possible would have little defense against a surprise
inspection by the
Alliance. This coalition of software makers, which includes
Microsoft, investigates reports of unlicensed software and obtains
journalist, my job is to report the facts. SkipRearm was
specifically built into Vista to be
Microsoft executives made Vista's
overly complex and cumbersome. So the development team apparently
Registry key to lift the burden of Vista's
activation deadline, for at least a year and probably more.
technique is so powerful and basic, however, that hackers around the
may soon use the feature to install millions of extra copies of Vista without buying them. This could have a
on Microsoft's revenues. The company's employees and shareholders might
be aware of this.
activation does little or nothing to stop mass software piracy. It's
become so convoluted, the way Microsoft has implemented it, that it's
an irritation to legitimate users than a worthwhile antipiracy measure.
opinion, Microsoft should concentrate on legal action against true
instead of inventing more ways to drive honorable users bonkers.