New WGA Behavior in Windows Vista Service Pack 1

Microsoft this week announceed changes to Windows Genuine Advantage (WGA) in Windows Vista. Here's what I learned in a recent briefing with Alex Kochis, a group product manager of Windows Genuine Advantage (WGA) at Microsoft.

Microsoft is making two major changes to WGA in Windows Vista, though only one of these changes will ever affect legitimate Windows users, and then only rarely. These changes will be implemented in Service Pack 1 (SP1), due in Q1 2008. Kochis told me that these changes would most likely not be included in any of the upcoming release candidate builds of Vista SP1, so we won't be able to find out more until the final version ships.

First, Microsoft is disabling the two most common exploits that exist today for bypassing product activation in Vista: The grace timer hack, which resets the activation grace time of the product, in one case all the way out to 2099, and the OEM BIOS hack, which intercepts calls to the BIOS, preventing Vista from accurately determining when hardware changes are made. Pirate Windows users utilizing one of these hacks will see their systems return to the intended state--typically a grace period countdown--once SP1 is installed.

The second change is more dramatic. Today, Vista offers up two different experiences on illegitimate systems, depending on the circumstances. If the product activation period expires, for example, Vista moves into Reduced Functionality Mode (RFM), where the user can only access the IE Web browser for 60 minutes at a time before being logged out; or, you can boot into Safe Mode and access your documents and perform housekeeping tasks and, hopefully, get your system activated. A second special functional mode, called Non-Genuine State (NGS), occurs when an activated copy of Vista fails a Web-based validation check, such as when you attempt to download software from the Microsoft Web site. In this case, certain features--like Windows Aero and ReadyBoost--are completely disabled, while others--like Windows Update and Windows Defender--work in limited ways only.

Beginning with SP1, RFM and NGS are a thing of the past. Instead, systems that fail activation or validation will enter a notifications-based mode of operation that's similar to what happens in XP today. At logon, the user is prompted to activate via a pop-up dialog box that can't be dismissed for 15 seconds. And once logged on, the system will prompt the user every hour by changing the desktop wallpaper or background to plain black and flashing an activation dialog and a balloon help dialog near the system tray. You can ignore the pop-ups and change the background back to your favorite photo, but it will all happen again in another hour. The key point is that no real functionality is now lost, as was the case with RFM and NGS.

The question here, of course, is whether these changes go far enough to address the problems users have experienced with WGA goes bad. Certainly, the situation is improving. Instead of moving into RFM when the activation grace period expires, or into NGS when an activated Windows version fails online validation, Vista with SP1 will instead provide a fully-working, if more than slightly irritating, experience. All your applications will work normally and you'll be able to get online. This is good news, but the onus of accountability is still on legitimate users. I'll need to see this functionality in action before I can render a verdict, but even a little bit of progress is still progress.

I'd like to see Microsoft abandon WGA entirely, but that's clearly never going to happen. In the absence of that revolution, I suppose any victories, however tiny, should at least be appreciated.

This article originally appeared in the December 4, 2007 issue of Windows IT Pro UPDATE. --Paul