Time of death: 4:22 PM UTC September 26th

Notes, please read:

For those of you who don’t know, HWID was the holy grail for Windows activation, letting you generate licenses straight from Microsoft licensing servers, being registered as fully legitimate in microsofts servers and letting you keep the activation permanently, even after windows reinstalls being completely undetectable and with nothing on your system being modified. If you’re still using outdated activation methods and you missed out on this, I’m sorry

Existing HWID licenses are left unaffected. Only new requests are blocked, no licenses were revoked.

By the way, MAS still works and is the best option for Windows/Office activation. For permanent Office activation use it’s Ohook method (supports subscription products such as 365 as well) and KMS38 for Windows

ALL OTHER ACTIVATION METHODS ARE STILL WORKING, ONLY METHOD AFFECTED IS HWID.

All HWID activators are affected, not only MAS

Around that time, Microsoft servers unexpectedly started blocking the licensing requests HWID activation method sends to Microsoft. This was a slow rollout that spanned over a few hours, at the moment the exploit is completely dead. The best options for Windows activation now is KMS38 or vlmcsd.

Patching this would boost illegal key reselling websites which causes more harm to Microsoft than HWID exploit. We can only wonder why they patched this.

{“code”:“BadRequest”,“data”:[],“details”:[],“innererror”:{“code”:“PermanentTSLRejection”,“data”:[],“details”:[{“code”:“113”,“message”:“avsErrorCode”,“target”:null}],“message”:“The Purchase Service rejected the provided TSL; the client should destroy the TSL.”,“source”:“PurchaseFD”},“message”:“The calling client sent a bad request to the service.”,“source”:“PurchaseFD”}

TLS=Temporary Signed License=The tickets HWID activation sends. Microsoft servers are now just responding with “kill it.”

Transferring existing HWID licenses to other computers using Microsoft account is broken too.

  • BrownianMotion@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    this is even more funny since there are apps that literally target this shit and remove it. Its unregistered, and the watermarks are removed, allowing you to forget the existance you are in. (disclaimer: I didn’t do W11, but I doubt they were that good at their job)

    • viking@infosec.pub
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      In Windows 11 they lock down the customization/personalization options, but you can get around that with some registry edits regardless. So I guess it’s pretty straightforward to build a third party tool that replaces the internal customizer.

      But… MAS was so nice and easy.