Massive Microsoft WGA meltdown fingers legit Vista and XP owners as pirates
19-hour outage over, but users must revalidate to get back disabled features, says vendor
Computerworld - Microsoft Corp. has blamed an unspecified server problem for a 19-hour stretch during which paying users of Windows XP and Vista were accused by the company's Windows Genuine Advantage (WGA) validation system of running pirated software. Any Vista system fingered during the episode was stripped of some features, including the operating system's Aero graphical interface.
As of Saturday at 3 p.m. EDT, Microsoft said the problem had been fixed.
"We are aware it is a server-side issue," said Phil Liu, a Microsoft program manager in the WGA group. "[But] the cause is unknown at this current time."
"Customers who received an incorrect validation response can fix their system by revalidating on our site," said Alex Kochis, senior product manager of WGA, in a blog posting. The site Kochis referred to is the Genuine Microsoft Software home page, which includes links to validation tests for Windows and Microsoft Office. "After successfully revalidating, any affected system should be rebooted to ensure the genuine-only features are restored," Kochis continued.
The validation server snafu began sometime prior to 8 p.m. EDT on Friday, when users started posting messages on Microsoft's support forums, including Vista Validation Issues, saying that their PCs had been tagged as running nongenuine Windows. Overnight, the number of users adding their accounts to the tale spiked significantly, as did the frustration index.
"What in hell is going on, Microsoft?" asked a user named Hedgemeister.
"SUPPORT? Where are you? Validation issues with Vista. Hello? All of us need help," wrote Gnrlbzik.
"This is an absolute disgrace. Treating legitimate customers like criminals is a great way to make people want to buy your software in the future! [I'm] absolutely disgusted," added Costanza.
Although copies of both Windows XP and Vista were being tagged as counterfeit during the 19 hours, users of the latter were especially incensed. The WGA antipiracy scheme for that operating system disables several features when it thinks the copy is bogus, among them the Aero graphical user interface and ReadyBoost.
Early in the outage, several Microsoft customers posted what they said was the text of e-mail they had received from Microsoft support that suggested users sit tight for several days. "I'm sorry to inform you that the Windows Genuine server might be down for few days," the e-mail, attributed to Microsoft Technical Support, said. "I have escalate the issue to our Genuine team, kindly try to validate again on Tuesday 28 Aug 2007."
If the message was intended to mollify users, it didn't work. "TUESDAY!?! Yeah, f that," said Nooaah.
It wasn't until Saturday around 1 p.m. EDT that a non-anonymous Microsoft manager offered up information. "I guarantee that we're working on this issue right now," said Liu in a post to the forum. "My goal is to identify a FIX for this issue -- afterwards get you all what you are looking for, an explanation and cause. I promise I will have an explanation and resolution as soon as humanly possible."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts