KB940510: I can see you…

There is always an unfinished war among Microsoft and the hacker community, mostly aimed towards the first one’s aggressive approach to the market with well-known products often recognized as low-quality, unsafe and poorly innovative. So, Microsoft’s products (such as the Office suite and the operating systems, the latest being Vista) are always target for piracy and hacking, in order to defeat its protection strategies and thus poke fun at its weaknesses, especially when compared with cheaper competitors like Linux or OS X.

Nevertheless, the universal spreading of cracked programs and operating systems made Microsoft reach even the farthest corner of the known universe, thus being one of the most powerful software firm of the world: if you used to have MS’s stuff at school, at your own home, at college, at work, why should you look elsewhere to find software?

Operating systems much better than Windows took a very long time to establish a steady presence in the computer world: social inertia is a strong force to be overcome.

Windows Vista is just the latest (waiting for its next incarnation, Windows 7) operating system coming from the inexhaustible MS’s forges; it was delivered with a protection system aimed at avoiding illegal installs on pirates machines. No need to say that the protection system was quickly stealed with many different approaches (the well known Paradox OEM BIOS Emulator, TimerStop grace period stopper, and so on) which allowed to install all the different versions of Vista for free. Now something moves deep in the MS’s caves: with the release of the KB940510 update a new detector is installed which sniffs for the known exploit patches and, in case, pops up an alert to warn users that an exploit is detected (usually SL07-001 or SL07-006) and invite to install genuine products. This update seems to be no harmful with Vista, which is not modified or deactivated in any way: user still retains full access to the system, with complete OS functionality. In MS’s own words:

“When the update is installed, no functionality of your operating system will be affected. If no exploits are detected, the update silently exits. If exploits are detected, you will be provided a link to a Web site that describes how you can remove the exploits. When the exploits are removed, you may be asked to use a valid product key to activate your copy of Windows. If you do not want to remove the exploits, Windows may disable the exploits and then ask you to use a valid product key to activate Windows“.

Did you noted the subtle threat? Microsoft is now delivering a “light warning”, just another way to say “Gotcha! You’re a pirate, we know it; you have now the chance to reach the bright side of the Force, or accept all the possible consequences of your thoughtless behaviour“. But who knows, in a future Microsoft could change its mind and suddenly disable all the illegal systems…

Ok, there are two ways to quickly remove any threat: the first one is, of course, to run out now and purchase a fully legal copy of Vista (if you can’t live without Windows). The second one is a way you can go through if you installed the upgrade patch but didn’t restart the computer: just open the Install Updates list and check for the presence of the KB940510 item; if found, perform an advanced search for the following filename:

• wgaer_m*

You must select all your local drives, checking the option to include all non-indexed, hidden and system files. The search should return two files:

• wgaer_m.exe
• wgaer_m.ui

Delete these files, and then do a regedit in order to scan Windows’ Registry for the occurrence of the string “wga scanner”; if found, delete all the instances.

This should make your Vista free to run without any control by homefactory’s cops, until the next time at least.