Pirates Already Cranking on Windows Vista

It’s confirmed: internal build 5840 was leaked to the Internet through a Chinese web link and distributed via eMule and bittorrent. This build does not have the build watermark on the desktop anymore and does not accept beta keys. We are getting closer to RTM! Interestingly enough, this build still does not require a product key if you boot it from the DVD. If you try an in-place upgrade, it will require a key. Of course, the pirates have been trying to get around the activation part since they don’t have a key. The hack seems to center around file slc.dll and supposedly has existed since the Windows XP days. Basically, it resets the activation counter back to 14 days up to 3 times. After 3 times, it ceases to work. This sounds quite like what sysprep does. Looking on Microsoft’s knowledge base, we find this article. Indeed, the pirates are just invoking a function that is normally called by sysprep: nothing fancy here. However, pirates have already found where Vista stores its activation status and have already figured out that the operating system locks the user (even administrators) out of this area of the registry.

There are now web sites and communities dedicated to the cracking of Microsoft activation technologies. Get your popcorn out, because this time it’s really going to be a cat and mouse game! Speaking of keys, here’s a snapshot of my copy of RC2:


Key finders still work! Granted, this is not a RTM escrow build, but it goes to show you that if you have a Vista product key you better keep it very safe. It’s very likely that the built-in key on the DVD will be banned from getting Windows updates and of course from activating.

– Soli Deo Gloria