Windows Vista: Windows Genuine Advantage: An Overview and Screenshot Gallery

I've found Microsoft's recent forays into customer relations with Windows Genuine Advantage (WGA) to be somewhat amusing. I mean, after all, Microsoft is a huge company just brimming with really smart...

Paul Thurrott

October 6, 2010

9 Min Read
ITPro Today logo

I've found Microsoft's recent forays into customer relations with Windows Genuine Advantage (WGA) to be somewhat amusing. I mean, after all, Microsoft is a huge company just brimming with really smart people. How could they do something so silly?

If you're not up on the WGA saga, here's a recap. Microsoft announced its Genuine Advantage software initiative in March 2006. It's designed as part of the company's wider assault on software piracy (another infamous part of this fight, Product Activation, won fame and fortune for Microsoft when XP was released in late 2001). The Genuine Advantage initiative is comprised of three parts: Education (customers should understand the risks of pirated software), Engineering (Microsoft's ongoing investment in anti-counterfeiting technologies and product features), and Enforcement (Microsoft is helping law enforcement agencies go after the world's worst software pirates).

WGA is a component of the Engineering part of that unholy triumvirate. It's a bit of software that gets installed on Windows XP (it's part of Windows Vista right out of the gate, naturally) and is comprised of two components. The first, dubbed WGA Validation, determines whether the version of Windows on which its running is legitimate. The second component, WGA Notifications, displays annoying alerts on pirated Windows copies and provides a way for the user to pay for a legitimate copy of Windows.

Aside from basic trust issues--Apple, for example, does not burden users with Product Activation or any similar anti-piracy technologies in its Mac OS X operating system--Microsoft made two major mistakes with WGA. The first was to silently post a beta version of the tool to Windows Update as a Critical Update, thus ensuring that it was quietly and underhandedly installed on hundreds of millions of customers' PCs: I mean, seriously. Is Microsoft honestly making guinea pigs out of its entire user base?

The second mistake was that WGA Notifications was also "phoning home" information to Microsoft on a regular basis. That's right: Not only was the software secretly installed on your PC, but it then regularly contacted Microsoft servers and provided them with data about the instances of pirated and nonpirated software out there. Customers and security experts reacted with alarm, as well they should: Microsoft had literally shipped spyware to its customers. Microsoft, meanwhile, reacted as they often do when something like this happens: They made as if nothing serious had happened and acted shocked that anyone could think otherwise. So much for the Glasnost of the consent decree.

After a few days of freaking out customers, Microsoft finally changed WGA in mid-June 2006 so that it wouldn't phone home every single time a PC rebooted, which is how frequently it had been doing so. Now, WGA will still send back piracy data to Microsoft the first time it tests a system, and then it will only sporadically phone home after that. The company also released a set ofinstructions for disabling or removing the "pilot" version of WGA though Microsoft contends that the final version of the software, due soon, will not support these activities.

After the dust had settled, sort of, I was still sort of curious what WGA looked like on a system that was suspected of being pirated. This week, I got my wish: A copy of Windows XP Media Center Edition 2005, installed in a virtual machine, came up with various WGA alerts after I installed a bunch of updates from Windows Update. Screenshots of this machine can be found below.

You're probably wondering how it is that I'm running a pirated copy of Windows. It's a legitimate question.

We're all friends here, right?

Truthfully, I can only imagine what triggered these alerts. The software was installed to a VM a long time ago and archived on my server. I no doubt used a copy of XP MCE 2005 that I had received as part of my MSDN subscription. If the WGA alerts are to be believed, it's possible that Microsoft thinks I've installed this software on too many machines, though that seems unlikely to me. I can't really say.

Anyway, that's what it looks like to be a suspected pirate. Like many people who will see these alerts, I don't believe I did anything wrong. I'm sure that's going to be a common refrain in this new era of untrusting software and companies. Ah well.

Update: Microsoft investigates my WGA issues

As you might imagine, I don't generally have to buy Microsoft software. The company supplies me with an MSDN subscription, which provides me with virtually all of the Windows, Office, and server software I'll ever need, and of course I get various beta disks and other software fairly regularly otherwise. I do purchase non-Microsoft software as required, which explains why I use Adobe PhotoShop Elements and not the hugely expensive CS version. I have no problem paying for software I'm actually going to use: I regularly purchase applications and utilities online as well.

When it comes to Microsoft's operating systems, I like to keep versions of each in Virtual PC-compatible virtual hard disks (VHDs) for testing purposes. For XP, for example, I have virtual machine (VM) copies of XP Home Edition N, XP Pro with SP2, XP Media Center Edition 2005 with UR2, and a version with XP Lite installed. (I also have numerous other VHDs, including some for various Linux, Windows Server, and Vista versions.)

Starting with Windows Vista build 5456 (the first post-Beta 2 build), I was able to move to Windows Vista full time on all my machines for the first time. There was just one major issue: IE 7 is incompatible with the Web site I use every day to post articles to WinInfo. So I had to figure out a way to post articles, preferably from within Vista. My main machine dual boots between XP and Vista, but it's a pain to reboot just to post an article or two. So I decided the best thing to do would be to use one of the XP-based VHDs I had and post the articles using IE 6 from within a virtual machine. I grabbed the smallest one, which happened to be Windows XP Media Center Edition 2005, and installed it on the PC.

After installing it, I let the machine grab all of the available Automatic Updates (and was surprised, incidentally, by how many there were). After a few reboots, it was good to go, with one problem: The WGA warnings described earlier in this article. I actually found it kind of humorous, and figured people would be interested in seeing what it looked like, so I took some screenshots and fired up Microsoft Word to write the article above.

After originally posting this article, I was contacted by Microsoft. The company was interested in figuring out why I was seeing WGA notifications and asked if I'd be interested in working with them to figure it out. Absolutely, I said. What could go wrong?

Microsoft sent me a WGA diagnostic tool, which generates a text file with the results, which include, among other things, the final three portions of the five-part Product ID used to install Windows. I sent this file to Microsoft and awaited the results.

Their preliminary findings were surprising. The key I had used to install Windows was a known pirated key, and required a modified version of winlogon.exe. This surprised me, naturally, since I don't pirate software, especially Microsoft OS software that I have several legitimate copies of around the house.

I talked to Microsoft lead Windows product manager Greg Sullivan about this last week, and like a liar suddenly caught in a never-ending series of bogus excuses, I started fumbling around trying to figure out how I had ended up with such a thing on my system. You know, I said, I did actually buy a copy of Windows XP Media Center Edition 2005 in late 2005 from an online retailer to see what the experience would be like. You may recall that XP MCE 2005 is now available for purchase thanks to a loophole in the product's licensing terms. To get around the legal requirements, retailers simply have to sell you some kind of computer hardware along with the software; mine came with a USB cable that I promptly threw away.

Sensing a way to give me an out, Sullivan agreed that that was probably how it happened: They've had issues with copies of Windows being purchased online being pirated. And sure enough, the software I got came in a simple little case with no documentation or other identification. The thing is, I can't imagine I would have installed that software in a virtual machine. It seems like such a waste, since the Product Key for that version could only be activated once, while the versions I get from MSDN can be activated multiple times. But I'm honestly not sure.

The end result, of course, is that, a) I was literally running pirated software, and b) Microsoft's WGA software worked as it should. I'm not particularly happy with either of those points. But I do give Microsoft credit for trying to discover whether a bizarre little bug in WGA was causing my issues, and they were honestly concerned about getting this right. For my part, I'm left a bit disconcerted. On a happy side note, I was able to download a utility online that lets you change the Product Key associated with a running copy of Windows. (I'm sure that's perfectly legal, ahem.) I changed the VM's Product Key to my legitimate MSDN key, rebooted, and all is now well. However, I ended up switching out the XP MCE 2005 VM for a Windows 2000 VM, because it's smaller (and thus boots up and goes to sleep more quickly) and the version of IE 6 included with Windows 2000 can save Web passwords. All's well that ends well, I guess.

Is there a moral to this story? I'm not sure. Sullivan noted that if this kind of thing can happen to me, then it could probably happen to anyone. I suppose that's true. But I'm reminded of science fiction writer and computer industry analyst Jerry Pournelle, who has often written about making mistakes so that his readers won't have to. I wish I could claim that sort of foresight. But the truth is, I just made a mistake. If we learn something from that mistake, fantastic, but I wasn't trying to set up a life lesson for anyone, let alone myself.


I'm experimenting with a new way to view screenshots. Please try my screenshot gallery, or click the pictures below to see individual images.

About the Author(s)

Paul Thurrott

Paul Thurrott is senior technical analyst for Windows IT Pro. He writes the SuperSite for Windows, a weekly editorial for Windows IT Pro UPDATE, and a daily Windows news and information newsletter called WinInfo Daily UPDATE.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like