This hack has been around for almost a month and according to Microsoft’s WGA Team, they are putting it as a least priority issue to be dealt with at the moment.
Alex Kochis, Microsoft’s Product Managers noted on the WGA’s blog that “It’s worth noting we also prioritize our responses, because not every attempt deserves the same level of response. Our goal isn’t to stop every “mad scientist” that’s on a mission to hack Windows. Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims.”
So I supposed that this is a good news for whoever using or planning to use such hack.
A hacker by the screen name “Computer User” had recently announce on some internet forum that he had created a crack program, that allows one to search and obtain a legal Vista product key. The crack simply tries to inject product keys into the OS until it finds keys that are accepted by Vista. The crack is able to search through 20000 keys in an hour.
A few days after, “Computer User” announced that the crack was a hoax, and should not work as he had added codes in the crack that causes it to generate invalid product keys. However, some users who had used his crack claimed that they had obtained some legitimate product keys. One user had even posted a video clip showing the entire process.
Alex Kochis, a senior licensing manager from the WGA team had acknowledged the possibility of such an attack, but attempts to downplay it.“The attack randomly searches for legit keys. This is called a brute force attack because there really isn’t much intelligence involved and the goal is to just randomly cycle through key after key after key until a legit one is found. One report indicates that the script written to perform this attack goes through about a thousand keys every half an hour; frankly, that’s a pretty slow brute force attack.”, according to Kochis.
Also from him, if a legitimate customer was affected due to the product key he got was activated by the brute force crack; such issue can be dealt at the customer service level.