[news=http://img424.imageshack.us/img424/240/untitled18iv1wo.png]Microsoft today began expanding its anti-piracy program by quietly pushing out a software update that in many cases automatically scans Windows computers and reports on whether they are powered by unlicensed software.
The "new pilot program" is a fairly broad expansion of Microsoft's Windows Genuine Advantage program, under which the anti-piracy check was required only for users who wish to download security updates or other free programs from Microsoft's site. Under WGA, users who chose to receive fixes via Automatic Updates were not prompted to install and run the anti-piracy software.
Starting today, however, Windows XP users in the United States who have set up automatic security updates will receive the anti-piracy tool. After installation and reboot, they may find their computers popping up an alert that reads: "This copy of Windows is not genuine; you may be a victim of software counterfeiting." Microsoft also is pushing the new tool out to auto-update users in Britain, Malaysia, Australia and New Zealand.
I hadn't heard about this program until today, when my laptop -- which of course is running a legitimate copy of XP Home Edition -- received this update today and prompted me to restart. When I rebooted the machine and went to "Add Remove/Programs," the hyperlinked Microsoft Knowledge Base article that was supposed to describe more about this patch was not available, so I sent a few questions over to Microsoft. Below are their answers:
How does Microsoft plan to disseminate this? Through automatic updates?:
"Yes. As part of the pilot program, some customers in the U.S. U.K., Malaysia, Australia and New Zealand will be invited to receive WGA Notifications through Automatic Updates (AU) to learn whether or not they are running genuine Windows. Customers who opt in to the pilot and learn they are using non-genuine versions of Windows will receive a message during logon that their copy of Windows appears to be non-genuine and will be directed to the WGA Web site to learn more. If they choose not to obtain a copy of genuine Windows at that time, the customer will receive reminders until they are running genuine Windows. While the pilot is presently opt-in, as it expands later in the year, AU and WU customers may be required to participate. Users who have not validated their machines as genuine through WGA will not be able to download IE 7 and Windows Defender among other downloads and updates. However, they will not be denied critical security updates" (my emphasis added).
Will the Windows customer who uses auto-updates have the opportunity to decline this update and still install other updates?:
"The pilot is opt-in, so all participants are given a choice about whether or not they wish to participate. The opt-in is via a License Terms dialog, and users can chose to accept or decline. Only users who accept will receive the software. Once installed, participants will have the option to suppress notifications for some length of time. Users will not have the option of uninstalling WGA Notifications. Customers [already] running genuine Windows Advantage will be unaffected by WGA notifications. Users running non-genuine Windows will see the notifications at boot time, login time, and periodically to via a system tray bubble notification. Messages are displayed until the system is running genuine Windows. Users can choose to suppress the notifier. The notifier will remind such users that they are not running genuine Windows and direct them to the WGA failure page, where they can learn more about the benefits of genuine software and take advantage of the Microsoft genuine Windows offers designed to help victims of counterfeit software. All users are able to receive High Priority Security & reliability updates regardless of their validation status. Users will not have the option of uninstalling WGA Notifications" (again, my emphasis).
What has been the rate of acceptance among Windows users to the Genuine Advantage program so far? How many potentially pirated versions of Windows has Microsoft received reports of thus far through the WGA program and installed tools?
"To date, we have already validated more than 150 million systems worldwide with WGA. As of March 2006, the WGA notifications program has been offered to more than 13 million users and we estimate an additional 13 million customers will receive the program with the present expansion. The ultimate goal of WGA is to differentiate genuine Windows software from non-genuine software. WGA also helps Microsoft learn more about counterfeit resellers and their illegal practices. We don't have specific numbers to share."
What exactly happens in the event that the tool finds a PC that is suspected of running a counterfeit version of Windows (what info, if any, is then shared with Redmond)?:
"WGA Notifications is for Windows XP users. Our client software does not collect any information that can be used to identify or contact a user. We use the same process used by many popular search engines and Web sites to determine where their users are from -- a form of IP lookup. This IP lookup process does not include any information that is used to identify you or contact you, and only gives a rough geographic representation of where users are located."
Microsoft also said it is planning to expand the anti-piracy pilot to Microsoft Office products. Initially this will affect users of various foreign language versions of Office, including Brazilian Portuguese, Czech, Greek, Korean, Simplified Chinese, Russian and Spanish.
Microsoft has every right to defend its intellectual property rights, and I don't for a single second begrudge the company for trying to quash software piracy, which is a very costly and global problem. But I'm a little concerned that this action could cause a number of Windows users to turn off automatic updates completely, and as such leave their systems unpatched and sitting ducks for would-be attackers who might use those machines for criminal purposes.
For my part, I turned off Automatic Updates several months ago, mainly because I got sick of telling Windows not to install its "malicious software removal tool," (even though I checked the box next to "don't ask again" or something to that effect, Windows asks permission to reinstall the program every time other updates are available).
Microsoft also released today an update to fix a Windows security patch (MS06-015) it issued a week ago that caused problems for some users of Hewlett-Packard hardware and software, as well as some Windows users who have certain Nvidia graphics cards installed.
Microsoft said that if you are configured to receive automatic updates, you don't need to do anything: "It will detect if you have the problem and deliver the update to you. If you have not yet installed MS06-015, the revised version will be offered to you." Automatic update users will also get a complimentary copy of the new Windows anti-piracy tool as well.