Another Vista Activation Crack Appears

Buzz about a Windows Vista zero-day vulnerability is troubling enough (although probably overblown). Now, there appears to be a second product activation hack, this one designed to fool the activation timer into not counting down. The activation hack is quite different from the first one, which involved setting up a Key Management Service server. Microsoft also released an update blocking hybrid testing/final Vista "Monster" code that could bypass product activation.

"Recently it has been reported that activation of Microsoft's Windows Vista operating system has been compromised," a Microsoft spokesperson said in a statement in response to a Microsoft Watch inquiry. "Microsoft is investigating this reported activation breach; however, there is no concrete evidence that this breach has been automated to the point that it is widely deployable." The not "widely deployable" statement, while likely true, isn't denial of an actual activation breach.

I've read instructions, which I won't link to, and comments from people successfully trying the so-called Time Stopper hack; I haven't tested it and wouldn't because of possible security breach when applying a downloaded crack as part of the process. As the Microsoft spokesperson acknowledged, there are reports about the crack, which requires setting a computer's BIOS clock to 2099. The hack does work on 32-bit Windows Vista installations but not necessarily 64-bit versions. The process requires some other Windows changes and eventual clock reset from within Vista leading to a perpetual state of 30 days to activation.

View: The full story
News source: MS-Watch

Report a problem with article
Previous Story

AMD Live! to support Blu-ray and HD DVD in 3Q 2007

Next Story

HD DVD anti-rip encryption cracked

75 Comments

Commenting is disabled on this article.

To everyone complaining that they cannot easily get Vista for free - blow it out your arse! Let me call the whaaaaaambulance for you. You paid for your hardware didn't you? Got that spiffy new nVidia card right? Hows that Raptor or nice LCD monitor? Paying yer monthly cable modem bill right? You paid for all of those because you were too afraid to steal those cause but you whine because you can't steal Vista as easily as you could previous version of Windows.

To the "I need more than 30 days to evaluate" folks - likewise, blow it out yer arse! Who cares how many days you need to do this or that or the other thing. They give you 30, feel lucky that you get 30 at all. Did you get 30 days to try out your new monitor? Hows that 30 day trial going on your car? 30 days of eating McDonalds to see if you get the sh!ts?

People - look - face it. You wanna talk about cracking something, sure, go on whatever. But call it what it is. It's stealing. I ain't saying you should or shouldn't, calling it right or wrong. Just don't be putting on holier than thou attitudes and pretending you are above it all. You are a common warez pirate (likely, a pure leeching swabbie at that) so your right to complain is basically null and void.

Pah... if you can't afford the $200 for a copy (less if you buy OEM, less still if you buy it bundled with any decent system builders package) for the thing that makes ALL the rest of your computer work then I don't think you deserve to play with the grown ups.

p.s., I may not pay for everything single piece of software on my system but I do pay for my copy of Windows. Having a 100% legit key is worth it to me. I don't like reinstalling every 30 days or worrying about WGA in any way (trivial or not).

p.s., I've seen this "crack" and it's way way way easily defeated by MS, heck, before consumer release even. Expect a WU to cure this before Jan 15.

p.p.s., reminder kiddies. Unlike with previous versions of Windows, this time MS is going to activately go after the crackers. They can go to the same newsgroups and sites as you do and find the same thing you can and it's easy for them to issue a patch for it (that you won't want) within a security update you need (i.e. to prevent being pwned online from some future exploit)

Quote - DomZ said @ #1
Why do people think this is the "put your bios to 2099" crack.

It's NOT!

READ NOT!

This stops the timer EVER counting down.

If you put the bios to 2099, then reset the date, IT WILL STILL COUNT DOWN (There are internal timers)

This makes that 1 month old crack (read: -rearm crack, or whatever) useless.

This crack stops the timers ever counting down 1 minute, it is forever "freshly installed" (even past 2099...if you like)

Dude...This SO did not work ( I am typing this from another Computer ) ..I had 17 days left for Activation..and I changed my BIOS to 2099 , like the Document said..and I also removed the Network Cable...well when I logged back in to complete the rest of the "crack"..it told me that my Vista had Expired and I cannot log in, until I give it a Valid Serial...Which makes sense...cause 2099 is for sure PAST the 30 day Evaluation Period....This really Sucked...so now I am off to find another solution... =(

lol...before MS can release any 'patches' to fix bugs...they are gonna have to first issue a SP1 to replace half the cracked files in the system32 directory to stop whats already out....

Quote - lawownsu said @ #28
Iam thinking of buying Vista when it becomes stable enough and supports most of the things that i need. :)!

Can't wait to use Vista SP2 :))

anything that can be coded can be uncoded. although im making no comment on MS's pricing when i say this (i haven't even given vista a thought yet, and wont for some time most likely,): but pricing IS the best way to fight piracy. If the price of software is low enough, the majority of people would rather buy it than go through the hassle of cracking it anyway. there will always be pirates, but youre really fighting against the convenience of the general public.

i know nothing about this particular subject so correct me if im wrong when i say: doesn't MS make a great deal of their money from windows being bundled with new pc's and corporate licensing anyway?

obviously it's in their best interests to fight piracy, but i'd be interested to see how the numbers break down anyway.

Quote - k311 said @ #27
anything that can be coded can be uncoded. although im making no comment on MS's pricing when i say this (i haven't even given vista a thought yet, and wont for some time most likely,): but pricing IS the best way to fight piracy. If the price of software is low enough, the majority of people would rather buy it than go through the hassle of cracking it anyway. there will always be pirates, but youre really fighting against the convenience of the general public.

i know nothing about this particular subject so correct me if im wrong when i say: doesn't MS make a great deal of their money from windows being bundled with new pc's and corporate licensing anyway?

obviously it's in their best interests to fight piracy, but i'd be interested to see how the numbers break down anyway.

I agree with you on that, but see Vista has been in development since 2001 and some features since 1999. There are prob millions of hours put in to code this product, thousands/millions of dollars spent on advertising/publishing/salaries etc.

Microsoft will have to earn the money some way or the other, or go in a loss. Business is about making the best profit you can, and I find it acceptable to pay 100-360usd [depending on the vista version you want] for an OS that will possibly last you for the next 3-5 years [or even more if you don't want to get Vienna].

My God, people, just buy the damn thing if you really want it. It's not worth going through all this crap just to use an operating system that is not all that much better than XP. If you are determined to use Vista, why not support Microsoft and the countless amount of money and man-hours that were put into this piece of software?

Why do people think this is the "put your bios to 2099" crack.

It's NOT!

READ NOT!

This stops the timer EVER counting down.

If you put the bios to 2099, then reset the date, IT WILL STILL COUNT DOWN (There are internal timers)

This makes that 1 month old crack (read: -rearm crack, or whatever) useless.

This crack stops the timers ever counting down 1 minute, it is forever "freshly installed" (even past 2099...if you like)

Microsoft releases a new version of WPA/WGA
WPA/WGA Crack Appears
Microsoft releases a new version of WPA/WGA
WPA/WGA Crack Appears
Microsoft releases a new version of WPA/WGA
WPA/WGA Crack Appears

and so on...

Quote - Lino en Kuldes said @ #12
Typing this from a Time-Stopped Windows Vista Ultimate :P
I wanted to give this POS a LONG try out before January because I don't have the latest and greatest in PCs (P4 2.4Ghz, 1GB RAM, GeForce FX 5500 256mb, etc.) and I wanted to see the performance of it... It's acceptable I guess, it feels much snappier than XP, but then again, just from boot-up, this BEHEMOTH of an OS is taking up close to 520Mb of RAM AT ALL TIMES. I can't even play HALO ONE on this computer using Vista. It works like crap when it works perfectly on XP.
Also, the amount of driver issues is just insane. There's almost NO driver support for Vista out there yet. The sound of this computer (AD188 thing from my ASUS P4V800D-X mobo) works perfectly until I hit PAUSE on anything I'm watching/listening, then the whole sound of the computer just stops. It's just crazy.

Ho well, rant off. But I'm glad I don't have to pay to give this POS a long try-out (30 days is not enough, I'm sorry).

You keep calling it a POS that's "acceptable" but yet you want to play with it, even past the trial period. The "I h@te w!nd0ws" fad doesn't look very flattering on you since you can't pull it off.

You keep calling it a POS that's "acceptable" but yet you want to play with it, even past the trial period. The "I h@te w!nd0ws" fad doesn't look very flattering on you since you can't pull it off.[/quote]

Because you think that I hate Windows, you tard. I've always used Windows, and by no means a hater, so you fail with that. My point is that for someone who WORKS on a computer all day and depends on it, EXTENSIVE testing of something that's going to be the foundation of your computing life IS necessary. I depend on my computer a lot for both work and pleasure, and I want to test (REALLY test) how work and play works under Vista. That is absolutely valid, much more so considering that where I'm from, buying Vista and or ANY computer equipment is MUCH more expensive that you could possibly comprehend in your little americanized thought process, and if I'm FULLY entitled to want to give a thorough test-run to an OS that will probably demand me to BUY more components for my PC because it's an absolute resource and hardware hog.

So now shut up and die in a fire. Thank you.

You may have had a valid point. But your argument is totally lost on everyone because you have the social skills of a poorly trained chimp. Can't you see talking in such a way isn't just bad for you, but also for Neowin as a whole. With such silly petty arguments every 5 minutes this place will end up like Digg.

I suppose you can have a civilized discussion on the front page, and even that may be totally accepted because there are forums for a reason, but with phrases like,

So now shut up and die in a fire. Thank you.
it makes me kind of wish people could get banned from the front page.

So please grow up.

Every time there's an article about some new way to crack Vista, some retard pops up and says the whole "there will always be cracks!" thing, but I'm sorry, am I the only one who's kind of impressed by how long it's taking for anyone to come up with a REALISTIC crack?

You know, a patch-and-go sort of thing? All of these little tricks are just inconvenient work-arounds. I mean, isn't this setting some kind of a record for MS? All this time and still, not one hacker has made something that can call itself the definitive solution to Vista's protection.

I'm kind of glad I'm getting a legit version of this thing. I get to just kind of shake my head and shrug all these idiots off. :P

It is funny how the "real deal" consists of something as simple as making it think the thing was installed in 2009 (and stopping those counters). That's a crack at the lowest possible level.

Quote - Julius Caro said @ #20.2
It is funny how the "real deal" consists of something as simple as making it think the thing was installed in 2009 (and stopping those counters). That's a crack at the lowest possible level.

OMG, PEOPLE STOP POSTING CRAP AND START READING THE ARTICLE! THIS IS ABOUT A CRACK, NOT ABOUT THE NOT-WORKING 2099 TRICK! THE CRACK REQUIRES 2099 AS WELL, BUT IS A CRACK, NOT A SIMPLE TRICK THAT DOESN'T EVEN WORK.

The caps are for shouting.

Microsoft should release a torrent file on the internet with the 'crack' in it. It will properly crack your system, then tell the authorities.

These copy protections are put in place for companies and computer sellers, so they won't be able to abuse corporate keys anymore. MS knows that regular people that pirate Vista will never buy a legit copy.

That's not true... many people WILL purchase Vista if it is very inconvenient to pirate it, so it is not a wasted effort. If even 1% of people that pirate Vista end up buying it then that is a serious amount of money and it's entirely possible it would be a lot higher than 1%.

This type of workaround isn't new, I've heard of people doing this on Windows XP to bypass Activation.

the main thing with moving the bios is now you can install without a key and that timer doesn't go anywhere either.

Quote - devilotX said @ #13
This type of workaround isn't new, I've heard of people doing this on Windows XP to bypass Activation.

the main thing with moving the bios is now you can install without a key and that timer doesn't go anywhere either.

eh? you can install without a key regardless. the bios date has nothing to do with that at all.

Quote - ZombieFly said @ #13.1

eh? you can install without a key regardless. the bios date has nothing to do with that at all.

thats not the point, the point is with XP, if you used a compromised key, you would still fail WGA regardless of if it was activated or not.

with Vista, you can install without a key and you get what? 3 days to put in a key?

well moving the bios forward extends that 3 day grace indefinitely as well as the Activation timer. with no key to blacklist and nothing to base WGA on... what then?

are they to restrict updating installs without a key used?

Follow me?

Quote - devilotX said @ #13.2
with Vista, you can install without a key and you get what? 3 days to put in a key?

well moving the bios forward extends that 3 day grace indefinitely as well as the Activation timer. with no key to blacklist and nothing to base WGA on... what then?

are they to restrict updating installs without a key used?

Follow me?

Without a key it is 30 days until you have to activate. With a bad key you only have 3 days.

Without a key you get 30 days of vista, WGA won't fail and will update wonderfully. I guess they can, however, upgrade WGA so that updates won't install on non-activated-but-supposedly-legit (which is the case of no-key, no-activation) installs of vista. But that would still allow people to have vista installed eternally

Typing this from a Time-Stopped Windows Vista Ultimate :P
I wanted to give this POS a LONG try out before January because I don't have the latest and greatest in PCs (P4 2.4Ghz, 1GB RAM, GeForce FX 5500 256mb, etc.) and I wanted to see the performance of it... It's acceptable I guess, it feels much snappier than XP, but then again, just from boot-up, this BEHEMOTH of an OS is taking up close to 520Mb of RAM AT ALL TIMES. I can't even play HALO ONE on this computer using Vista. It works like crap when it works perfectly on XP.
Also, the amount of driver issues is just insane. There's almost NO driver support for Vista out there yet. The sound of this computer (AD188 thing from my ASUS P4V800D-X mobo) works perfectly until I hit PAUSE on anything I'm watching/listening, then the whole sound of the computer just stops. It's just crazy.

Ho well, rant off. But I'm glad I don't have to pay to give this POS a long try-out (30 days is not enough, I'm sorry).

"not widely deployable"

-- I wonder if MS will have an updated quote in 24 hours when every leacher int he world has it.

At one point, too, the Bubonic Plague only affected a few people.

Quote - Landlocked said @ #11
At one point, too, the Bubonic Plague only affected a few people.

Vista and the Bubonic plague. Very good analogy!

Don't most cracks work this way? By stopping the internal clock at 30 days and leaving it in full-functionality mode?

No matter, I'm not leaving my computer open to strangers, I'm buying Vista OEM.

There is another thing I found out when trying this crack on expired Vista: when it expires, you only have a window with choices to activate. If you click on "other" options, Firefox (or IE) opens and there you can open CMD.EXE, save it and run it. As administrator, of course. So much for security. And after 30 days I also realised not even 1 single fix is available on Windows Update, just some "Defender" junk I don't even want and can't be turned off (without bugging you every single time). I'll give it another 6 months and then think again hard about purchase.

Nothing will ever be protected. If someone has made the protection then it can be undone. So i don tknow why they r trying to stop piracy.

Quote - soldiers33 said @ #9.1
Nothing will ever be protected. If someone has made the protection then it can be undone. So i don tknow why they r trying to stop piracy.

It's not something you can blame them for, and cracks DO pose a security risk just as bad as a hole does, except this type of hole has a slim chance of saving the user money.

Why do people blame companies for attempting protection?

It's stupid. You must attempt to protect your product or you lose certain protections under law. It really has no bearing on how effective it is -- and despite whether it is effective or not, it is arguably better protection than the last version of Windows.

Quote - billyea said @ #9.2
It's not something you can blame them for, and cracks DO pose a security risk just as bad as a hole does, except this type of hole has a slim chance of saving the user money.

Well, this hole is open before any crack or patch is applied. This hole actualy helped me to apply crack to OS. Like you said, it won't save user money directly, but it allows someone to install a crack. If the rest of Vista's "security" is so nicely done, then I don't want it. But we'll see about that and how good security really is on Jan 30th and beyond.

Quote - mram said @ #9.3
Why do people blame companies for attempting protection?

It's stupid. You must attempt to protect your product or you lose certain protections under law. It really has no bearing on how effective it is -- and despite whether it is effective or not, it is arguably better protection than the last version of Windows.


People blame Microsoft for wasting tons of resources (money, time, coders) on some anti-piracy crap when we all know it'll be broken. Of course they have a right to protect their product, they should, but they should also focus on making a software good and stable first, then worry about piracy. What is more important, some WPA or for example the ability for Vista to simply connect to network (a part that is totaly scr3wed up)? I really don't know what they've been doing for past 6 years.

Quote - theh0g said @ #9.5
People blame Microsoft for wasting tons of resources (money, time, coders) on some anti-piracy crap when we all know it'll be broken. Of course they have a right to protect their product, they should, but they should also focus on making a software good and stable first, then worry about piracy. What is more important, some WPA or for example the ability for Vista to simply connect to network (a part that is totaly scr3wed up)? I really don't know what they've been doing for past 6 years.

You can't say "they should protect their product" and expect that to come without a cost.

Everyone knows (or should know) that MS isn't just like 10 people gathered around and they "split off" people from coding things that make the OS "good and stable". No, they hire more people who are exclusively focused on this stuff.

Yes it's a cost, but no, it doesn't take anything away from the "good and stable" bits. Like I said, it's just money for the other people, something MS doesn't have a problem spending.

People think of MS as some sort of small shop. There are 50,000 people working at MS worldwide and growing. Not all code, and if they do, they don't focus on the same things. The people who code WPA have nothing to do with the people who code network connectivity. I don't know how many major companies you've worked with when you deal with millions/billions of lines of code, but you can't just fix problems through density. (I would venture to guess like most other Vista related problems of THIS day, that the issues of connectivity you speak of would be driver related, and have nothing to do directly with MS).

Quote - soldiers33 said @ #9.1
Nothing will ever be protected. If someone has made the protection then it can be undone. So i don tknow why they r trying to stop piracy.

If someone is determined to crack Vista they will. Microsoft aims to prevent "widely deployable" cracks stopping amateurs from purchasing legal copies of Windows. Microsoft need only make the process annoying, not perfect.

Microsoft's so-called anti-piracy measures are a complete joke. They should fire the ones who worked on it since they are total incompetents.

Did you expect a completely 100% foolproof protection? Even Starforce games are cracked. I took a look at what measures they put in for Vista, and imo they did quite a good job. I suspect that a purely user-mode crack will be quite difficult, if not impossible. Any kernel-mode crack is mitigated on x64 due to driver signing requirement, unless you patch the kernel.

Quote - Andareed said @ #8.1
Did you expect a completely 100% foolproof protection? Even Starforce games are cracked. I took a look at what measures they put in for Vista, and imo they did quite a good job. I suspect that a purely user-mode crack will be quite difficult, if not impossible. Any kernel-mode crack is mitigated on x64 due to driver signing requirement, unless you patch the kernel.

No, but this was bypassed faster than with XP. They left open far too many obvious weak points as well.

This isn't new and it's very easy to screw up. If something accidentally turns on the windows time service functionality *poof* goes the 2099 hack.

Quote - timbo3 said @ #6.2
Windows will only sync the time if you are within like 8 hours.

The sync you both are talking about has very little to do with the crack the main article is about. 2099 plays very insignificant role there, and sync has no time to sync. :D

Like I said, he has no idea what he is talking about.

Quote - Leo Natan said @ #6.3

The sync you both are talking about has very little to do with the crack the main article is about. 2099 plays very insignificant role there, and sync has no time to sync. :D

Like I said, he has no idea what he is talking about.

Try YOU have no clue. You set the BIOS year as high as it goes and adjust the year in windows itself to the actual real year while disabling any kind of time server syncing as it will set both windows AND your BIOS back to the actual correct year. It essentially tricks Vista into thinking you've installed it in 2099 and the 30 days will not begin to count down until 2099.

Quote - Aahz said @ #6.4
Try YOU have no clue. You set the BIOS year as high as it goes and adjust the year in windows itself to the actual real year while disabling any kind of time server syncing as it will set both windows AND your BIOS back to the actual correct year. It essentially tricks Vista into thinking you've installed it in 2099 and the 30 days will not begin to count down until 2099.

READ BEFORE POSTING CRAP! Once you set the year in Vista to 2006, it is set to 2006 in the BIOS as well. 2099 needs to be present only for the initial license settings in the registry. And activation days do count down from 30 even if you are always in 2099, because Vista has some internal timers that monitor how long the system was in use. Hence the new crack was made, to stop those timers (read the article, for crying out loud).

Again, you have no idea what you are talking about.

Ok fine I'm wrong. It's not the same exact crack that's been on every torrent site for over a month now. There's no way that some news site could be more than a month behind the crackers. That could never happen huh?

Quote - Aahz said @ #6.6
Ok fine I'm wrong. It's not the same exact crack that's been on every torrent site for over a month now. There's no way that some news site could be more than a month behind the crackers. That could never happen huh?

The currently discussed crack is a week old, and is still not perfected. It's actively developped by AntiWPA.