Massive Microsoft WGA meltdown fingers legit Vista and XP owners as pirates

19-hour outage over, but users must revalidate to get back disabled features, says vendor

Microsoft Corp. has blamed an unspecified server problem for a 19-hour stretch during which paying users of Windows XP and Vista were accused by the company's Windows Genuine Advantage (WGA) validation system of running pirated software. Any Vista system fingered during the episode was stripped of some features, including the operating system's Aero graphical interface.

As of Saturday at 3 p.m. EDT, Microsoft said the problem had been fixed.

"We are aware it is a server-side issue," said Phil Liu, a Microsoft program manager in the WGA group. "[But] the cause is unknown at this current time."

"Customers who received an incorrect validation response can fix their system by revalidating on our site," said Alex Kochis, senior product manager of WGA, in a blog posting. The site Kochis referred to is the Genuine Microsoft Software home page, which includes links to validation tests for Windows and Microsoft Office. "After successfully revalidating, any affected system should be rebooted to ensure the genuine-only features are restored," Kochis continued.

The validation server snafu began sometime prior to 8 p.m. EDT on Friday, when users started posting messages on Microsoft's support forums, including Vista Validation Issues, saying that their PCs had been tagged as running nongenuine Windows. Overnight, the number of users adding their accounts to the tale spiked significantly, as did the frustration index.

"What in hell is going on, Microsoft?" asked a user named Hedgemeister.

"SUPPORT? Where are you? Validation issues with Vista. Hello? All of us need help," wrote Gnrlbzik.

"This is an absolute disgrace. Treating legitimate customers like criminals is a great way to make people want to buy your software in the future! [I'm] absolutely disgusted," added Costanza.

Although copies of both Windows XP and Vista were being tagged as counterfeit during the 19 hours, users of the latter were especially incensed. The WGA antipiracy scheme for that operating system disables several features when it thinks the copy is bogus, among them the Aero graphical user interface and ReadyBoost.

Early in the outage, several Microsoft customers posted what they said was the text of e-mail they had received from Microsoft support that suggested users sit tight for several days. "I'm sorry to inform you that the Windows Genuine server might be down for few days," the e-mail, attributed to Microsoft Technical Support, said. "I have escalate the issue to our Genuine team, kindly try to validate again on Tuesday 28 Aug 2007."

If the message was intended to mollify users, it didn't work. "TUESDAY!?! Yeah, f that," said Nooaah.

It wasn't until Saturday around 1 p.m. EDT that a non-anonymous Microsoft manager offered up information. "I guarantee that we're working on this issue right now," said Liu in a post to the forum. "My goal is to identify a FIX for this issue -- afterwards get you all what you are looking for, an explanation and cause. I promise I will have an explanation and resolution as soon as humanly possible."

Although Microsoft did not identify the number of affected systems Saturday, based on the user comments and Liu's promises, it appeared to be systemwide. If so, it would be the biggest problem so far in the developer's contentious WGA program. Designed to spot pirated copies of its Windows and Office software, WGA has been mandatory since mid-2005 before nonsecurity updates or files can be downloaded from Microsoft's site.

WGA has faced criticism almost since its inception, but until Friday the most vocal complaints dated back to June 2006, when users discovered that the Windows XP version of WGA was "phoning home" to Microsoft every time the PC was booted. Those critics returned when Microsoft upped the ante with Vista by replacing the WGA messages that only nagged XP users suspected of running counterfeits with a new policy that used a reduced functionality mode (RFM) to cripple machines. In RFM, only Internet Explorer works, and then for just an hour at a time.

Because RFM only allows a grace period of three days to those who previously activated Windows but are subsequently deemed pirates, any problems must be fixed quickly to prevent customers' PCs from going dark. Microsoft managed to beat the deadline. That, however, didn't mean much to some, who said this was it for their relationship with the vendor. One claimed that he was heading out the door to buy a Mac, while others swore they would switch to Linux.

Others called on Microsoft to ditch WGA. "Once again the legitimate person gets screwed while the people who pirate software probably aren't even affected," said Mark in the support forum. "This whole validation process should be dropped. This is just another nail in the Microsoft coffin."

Today's outage was not the first time the validation service has gone dark and then identified all PCs connecting with the servers as running pirated copies. In October 2006, Microsoft's Kochis acknowledged a similar blackout. "Earlier this week a server on the backend of the WGA service experienced a bug that resulted in a temporary outage. As a result, some systems were incorrectly flagged as being non-genuine, and we want to confirm for those who contacted us about this that it was indeed an error," he wrote.

Related News and Discussion:

FREE Computerworld Insider Guide: IT Certification Study Tips
Join the discussion
Be the first to comment on this article. Our Commenting Policies