GTP
Well-Known Member
- Reaction score
- 9,669
- Location
- Adelaide, Australia
These scripts are hosted on GitHub (which Microsoft owns...)
An excerpt of the "Show Notes" from the latest Security Now! Podcast by Steve Gibson...
Microsoft’s Activation System (More Fully) Hacked:
And while we’re on the topic of Windows, Martin Brinkman, writing for GHacks, titled his piece
“Hackers claim to have cracked Microsoft's software licensing protection almost entirely.” He
writes:
A team of hackers claim that they have cracked “almost the entire Windows / Office software
licensing protection.” The breakthrough allows them to activate “almost any version of
Windows and Office” permanently. Windows and Office installations require activation. This
may happen behind the scene or when users enter product keys. Workarounds and hacks have
been available for a long time. One popular choice requires running a single line of instructions
from a PowerShell prompt to activate Windows 8 or later, or Office.
The creators of the solution claim that they have found ways to extend this to even more
Windows and Office products. The new method works on any Windows client or server version
and includes Extended Security Updates (ESU) and Microsoft Customer Specific Volume
License Keys (CSVLK). The method used up until now could not activate everything
permanently. But now, for the first time, the versions that had remained elusive have been
supported for the first time: Windows 7, 8 and 8.1, any recent Windows Server, Add-ons and
Extended Security Updates have been added.
The hack, for example, enables support for Windows 10 ESU, once it starts in October 2025.
The hackers claim that the discovered method is simple. It does not require third-party file
installations or system file modifications according to a post on X:
I’ve captured their posting to ‘X’ which was by @MASSGRAVE. In this instance “MAS” stands for
Microsoft Activation Scripts:
Security Now! #1004
PowerShell MAS Scripts: https://github.com/massgravel/Microsoft-Activation-Scripts
And since none of this is now any sort of secret – their posting on ‘X’ has more than 900,000
views – this week’s podcast show notes also has the Github link to the PowerShell scripts they
also posted. I looked at them and I found an extremely complex and detailed PowerShell script
that appears to incorporate explicit support for the activation of just about everything. I didn’t
spend much time with it since I have no particular interest in any of this. But it’s news and I’m
sure that many frisky script kiddies out there are already enjoying many hours of play with this
revelation. Martin’s finishes his reporting by writing:
An example screenshot of a fully, permanently activated version of Windows with Extended
Security Updates has been shared as part of the post. The methods have worked for years,
according to one of the follow-up posts. The hackers claim that the digital license (HWID)
method worked since 2018 and the KMS method for at least 17 years. The discovered hack will
be made available in the coming months, according to the original post on X.
The discovery is a serious blow for Microsoft, provided that the hack is indeed as foolproof and
easy to apply as claimed. It is unclear how, or if, Microsoft will react to the hack. For now, it
seems that the hackers have, at least temporarily, won the battle.
Since I’ve been a paid-up MicroSoft Developer Network (MSDN) developer for decades, I already
pay for the privilege of installing whatever Windows editions I need for software development
and testing. But it’s going to be interesting to see how this develops over time. I never thought
much about cracking the Windows Activation System, but it has obviously been something of a
preoccupation for some segment of the hacker community.
Leo Laporte tried it on air while it was being discussed, it worked flawlessly.
An excerpt of the "Show Notes" from the latest Security Now! Podcast by Steve Gibson...
Microsoft’s Activation System (More Fully) Hacked:
And while we’re on the topic of Windows, Martin Brinkman, writing for GHacks, titled his piece
“Hackers claim to have cracked Microsoft's software licensing protection almost entirely.” He
writes:
A team of hackers claim that they have cracked “almost the entire Windows / Office software
licensing protection.” The breakthrough allows them to activate “almost any version of
Windows and Office” permanently. Windows and Office installations require activation. This
may happen behind the scene or when users enter product keys. Workarounds and hacks have
been available for a long time. One popular choice requires running a single line of instructions
from a PowerShell prompt to activate Windows 8 or later, or Office.
The creators of the solution claim that they have found ways to extend this to even more
Windows and Office products. The new method works on any Windows client or server version
and includes Extended Security Updates (ESU) and Microsoft Customer Specific Volume
License Keys (CSVLK). The method used up until now could not activate everything
permanently. But now, for the first time, the versions that had remained elusive have been
supported for the first time: Windows 7, 8 and 8.1, any recent Windows Server, Add-ons and
Extended Security Updates have been added.
The hack, for example, enables support for Windows 10 ESU, once it starts in October 2025.
The hackers claim that the discovered method is simple. It does not require third-party file
installations or system file modifications according to a post on X:
I’ve captured their posting to ‘X’ which was by @MASSGRAVE. In this instance “MAS” stands for
Microsoft Activation Scripts:
Security Now! #1004
PowerShell MAS Scripts: https://github.com/massgravel/Microsoft-Activation-Scripts
And since none of this is now any sort of secret – their posting on ‘X’ has more than 900,000
views – this week’s podcast show notes also has the Github link to the PowerShell scripts they
also posted. I looked at them and I found an extremely complex and detailed PowerShell script
that appears to incorporate explicit support for the activation of just about everything. I didn’t
spend much time with it since I have no particular interest in any of this. But it’s news and I’m
sure that many frisky script kiddies out there are already enjoying many hours of play with this
revelation. Martin’s finishes his reporting by writing:
An example screenshot of a fully, permanently activated version of Windows with Extended
Security Updates has been shared as part of the post. The methods have worked for years,
according to one of the follow-up posts. The hackers claim that the digital license (HWID)
method worked since 2018 and the KMS method for at least 17 years. The discovered hack will
be made available in the coming months, according to the original post on X.
The discovery is a serious blow for Microsoft, provided that the hack is indeed as foolproof and
easy to apply as claimed. It is unclear how, or if, Microsoft will react to the hack. For now, it
seems that the hackers have, at least temporarily, won the battle.
Since I’ve been a paid-up MicroSoft Developer Network (MSDN) developer for decades, I already
pay for the privilege of installing whatever Windows editions I need for software development
and testing. But it’s going to be interesting to see how this develops over time. I never thought
much about cracking the Windows Activation System, but it has obviously been something of a
preoccupation for some segment of the hacker community.
Leo Laporte tried it on air while it was being discussed, it worked flawlessly.
