Windows Vista OEM BIOS hack works effectively

Microsoft's senior product managed Alex Kochis confirmed on his blog that the new OEM BIOS based hacks are very effective to illegally activate nearly any version of Windows Vista.

Kochis writes they are aware of this new hack and explains how this new hack works:

Here's a little more information on how OEM BIOS based activation works. This form of product activation is also known as OEM Activation or just OA, which is how Microsoft refers to it and how I will refer to it in this post. Back at the launch of Windows XP when Microsoft introduced Windows Product Activation, we recognized that as easy as end-user activation is, it still represented an extra step. In an effort to reduce the impact of even that extra step but maintain the overall effectiveness of product activation, Microsoft worked with OEMs to develop an implementation that would work best for them and their customers while keeping the goals of product activation clearly in focus. As we looked to develop a solution, it was important to ensure that product activation technology could still deliver an acceptable degree of protection, while at the same time, reduce the need for an extra step by the end user. A couple of key factors stand out as enabling the OA 1.0 solution that was delivered in Windows XP.

Large OEMs tend to ship large numbers of PCs with Windows preinstalled. They also have the ability during their manufacturing processes to identify systems that will ship with Windows pre-installed.

Also, because of the direct relationship Microsoft has with those OEMS, the company has a higher degree of confidence that a genuine COA will be attached to each PC and that there will be accurate reporting of the number of units shipped preinstalled with Microsoft Windows.

These factors lead Microsoft and the major OEMs to place a marker in the BIOS of the OEM's motherboard to identify OEM systems that were to be pre-installed with licensed copies of Windows XP. This marker, which is added to a specific location in the BIOS of the motherboard, enables a copy of Windows XP to look for that known value in the BIOS of the motherboard and, when found, confirm it was booting on a PC that was sold by a specific OEM and licensed to boot Windows.

He doesn't really say what Microsoft is planning to do about it, except that Microsoft has certain ways to handle this type of hacks. Their biggest priority is to disrupt the business model of organized counterfeiters to protect users from becoming unknowing victims. This means they focus on responding to hacks that are easy to scale and can be easily commercialized.