Windows 7 Key "Leak" Will Now Be Blacklisted

[SonsOfLiberty]

Yesterday we were alerted to reports of a leak of a special product key issued to an OEM partner of ours. The key is for use with Windows 7 Ultimate RTM product that is meant to be pre-installed by the OEM on new PCs to be shipped later this year. As such, the use of this key requires having a PC from the manufacturer it was issued to. We've worked with that manufacturer so that customers who purchase genuine copies of Windows 7 from this manufacturer will experience no issues validating their copy of Windows 7. At the same time we will seek to alert customers who are using the leaked key that they are running a non-genuine copy of Windows. It's important to note that no PCs will be sold that will use this key.

Windows 7 already includes an improved ability to detect hacks, also known as activation exploits, and alert customers who are using a pirated copy. There is a hack that is said to enable, when paired with the leaked key, a system to install and use a copy of Windows 7 Ultimate. Both the hack and the key are indications that a copy of Windows may not be genuine. The Windows Activation Technologies included in Windows 7 are designed to handle situations such as this one, and customers using these tools and methods should expect Windows to detect them.

Our primary goal is to protect users from becoming unknowing victims, because customers who use pirated software are at greater risk of being exposed to malware as well as identity theft. Someone asked me recently - and I think it's worth noting here -- whether we treat all exploits equally in responding to new ones we see. Our objective isn't to stop every "mad scientist" that's out there from dabbling; our aim is to protect our customers from commercialized counterfeit software that impacts our customers' confidence in knowing they got what they paid for. That will continue to be our focus as we continue to evolve our anti-piracy platforms, and respond to new threats that we see emerge in the future.

So, this means the Lenovo leak doesn't matter now, the key will be blacklisted, also new updates are out that update the build number as well

Source: Windows 7 WGA Blog

[Skiz]

This is why I never bothered with it. This was the only possible outcome from a leaked master key.

[SonsOfLiberty]

Also, this means, that NO NEW PC's will be SOLD with that key, but conflicting stories are saying that Lenovo, has already shipped a few PC's...I'll add more details once they spring up.

Sorry for bothering you, but I think this post is quite useless for the following reasons.

1) As far as I know, OEM SLP activation has nothing to do with retail keys, so it doesn't require an authentication server for which key can be or can't be accepted.
The Lenovo's key is checked by pkeyconfig.xrm-ms and tokens.dat M$ files already installed on OS system dir.

2) If M$ will blacklist this key he will need to update pkeyconfig.xrm-ms or tokens.dat, being an OEM key and a new one will surely comes out (experience should teach us that it's only a matter of time).

3) Some lenovo laptops and notebooks windows 7 certified have already been sold to some users and I can't imagine those people come back to shop for obtain a new one OEM key (which, of course, can be leaked as well as the first one).

4) Did you ever wonder why M$ has never blacklisted the "well-known" Asus SLP 2.0 keys or Dell ones (I'm referring to Windows Vista) when they came out ? Even with SP1 and SP2, those keys are still valid keys.
If Microsoft could blacklist those keys they, surely, have done for a long time, while in 2 years they have never been blacklisted them. I think M$ should spend a lot of his own resources to ban or blacklist any oem leaked code (expecially SLP OEM keys).

Don't forget that OEM SLP activation is a "legit" procedure as M$ can't determine if one user has bought for real his own notebook or laptop, instead of downloading RTM ISO and activating with OEM SLP key. It's very difficult to proof that.

China4Ever/My Digital Life Forums

all methods must utilize some OEM key or another and at this point it is a LENOVO key which has not been used to my knowledge on an official wide scale approach therefore blacklisting this serial will somewhat effect users as it would impair their ability to receive future updates because as I would understand it keys will be checked during updates and will fail to pass WGA... sure the activation may be done offline but that doesn't change the fact users will not get updates under this current Lenovo key which is now said to be blacklisted.

The methods are fine but until we reach a point in time where OEM keys are in the hands of mass retail customers (meaning when PC's are shipped with win7 is preloaded with the new master oem keys) we cannot depend on this key for any sort of full blown long term solution.

Also, the new updates and new build string are some cause of concern no?

[tesco]

Our primary goal is to protect users from becoming unknowing victims, because customers who use pirated software are at greater risk of being exposed to malware as well as identity theft.

Oh really?

[Hairbautt]

Our primary goal is to protect users from becoming unknowing victims, because customers who use pirated software are at greater risk of being exposed to malware as well as identity theft.

Oh really?

Never know what they might have slipped in. But yeah...primary goal.

[Darth Sushi]

our primary goal is to protect users from becoming unknowing victims, because customers who use pirated software are at greater risk of being exposed to malware as well as identity theft.

Oh really?

lol!