Windows 7 Ultimate RTM Cracked, Fully Validated (Already?)

David Murphy

Jul 29, 2009 1:50 pm

That didn't take long. It has only been a week since the official Windows 7 RTM announcement by Microsoft, but crackers have already managed to activate and validate the tricked-out Ultimate version of the OS. The hack is nothing new, as it borrows the same techniques used to bypass activation and verification of previous Vista editions.

According to Softpedia, crackers somehow obtained a copy of an OEM Windows 7 Ultimate disc from Lenovo. From there, they were able to extract two critical bits of information: Windows 7's OEM-SLP (system-locked pre-installation) product key and the OEM certificate for Windows 7 Ultimate.

But before these can be of any value, one first has to modify a system's BIOS to fool the operating system into believing that the PC is an authentic OEM machine. This is done by tweaking the values found in the Software Licensing Description Table (SLIC) that is stored in the system's memory during boot-up.

Once a person has disguised a system as a legitimate OEM machine, the OEM-SLP and OEM certificate allow for permanent, validated activation of the operating system. To Microsoft, the PC is no different from a functional OEM machine--and the "OEM machine," in turn, has no need to call back to Microsoft's activation servers for any kind of additional verification. That would defeat the convenient basis behind the creation of SLIC-based OEM activations in the first place.

Just because the OEM disc and keys came from Lenovo doesn't mean that the crack is exclusive to that brand. According to Softpedia, the crack has proven successful on Dell, HP, and MSI machines as well.

Powered by ScribeFire.

Apple beat analyst expectations and appears nearly untouched by the economic downturn, reporting its best non-holiday quarterly revenue and earnings in the company's history on Tuesday.

For its third quarter ending June 27, Apple posted net profit of US$1.23 billion and $1.35 per share, up from $1.07 billion and $1.19 per share in the same quarter last year. Revenue reached $8.34 billion.

Analysts polled by Thomson Reuters were expecting $8.20 billion in revenue and $1.17 per share.

One low point in Apple's report is the declining iPod business, with unit sales dropping 7 percent compared to last year to 10.2 million iPods. But iPhone sales more than make up for that. In the quarter, Apple sold 5.2 million iPhones, 626 percent more than the same period last year.

Apple had projected the decline in iPod sales, which was "one of the original reasons we developed the iPhone and Touch," said Peter Oppenheimer, Apple's chief financial officer, during a conference call to discuss the results. "We suspected the traditional MP3 category to decline over time as we cannibalized ourselves with the Touch and the iPhone."

Unit sales of the iPod Touch grew 130 percent in the quarter compared to last year, he said.

Revenue from iPhones, iPhone accessories and mobile carriers was $1.69 billion, an increase of more than 300 percent over the same quarter last year.

iPhone Audience Expands

While the iPhone initially targeted the consumer mass market, it's making headway among business users, said Tim Cook, chief operating officer. Almost 20 percent of Fortune 100 companies have purchased 10,000 units or more, and multiple government agencies and other organizations have bought more than 25,000 iPhones each, he said.

"The iPhone is particularly doing well with small businesses and larger organizations that allow (employees) to purchase phones for individual use, both in corporate and government settings," he said.

Analysts have wondered what effect the introduction of the new iPhone 3GS and the price drop for the original iPhone 3G would have on the mix of sales of the devices. But Apple executives didn't shed much light on the issue. They declined to reveal how many of the 5.2 million iPhones that sold in the quarter were 3GSes and 3Gs.

"I think it's too early to tell what the ultimate mix of those products will be," Cook said. That's because currently Apple isn't able to keep up with demand for the 3GS, and it's only available in 18 of the more than 80 countries where the iPhone is on sale. In addition, many iPhone 3GS buyers probably are upgrading from the iPhone 3G, he said.

AppStore, Yes; Netbook, No

Apple expects to maintain the lead among mobile application stores, even as new stores go live. The App Store is now available in 77 countries, has 65,000 applications and serves an installed base of 45 million iPhone users, Cook noted. His research shows that Research In Motion and Nokia each have between 1,000 and 2,000 applications in their stores and Android has fewer than 5,000, he said.

"We feel extremely good about our competitive position and believe we're years ahead of other people," he said.

Apple sold 2.6 million Macs during the quarter, a 4 percent increase from last year. Portable Mac shipments were up 13 percent over that same period. That means Apple is beating the industry, which was expected to contract by 3 percent during the quarter, according to IDC research.

Cook echoed comments he's made in the past about a lack of interest at Apple in the netbook category, despite the growth in sales of the devices from other vendors. "At this point, we don't see a way to build a great product for $399, $499, this kind of price point," he said. He predicted that people who are buying netbooks may become disappointed and disenchanted.

Apple CEO Steve Jobs, who has only just returned to work after taking a sick leave, was quoted in the earnings report saying he's thrilled at the number of iPhones sold. He also confirmed that users have downloaded more than 1.5 billion applications from the iPhone App Store in its first year.

There were no questions about or mention of Jobs or his health on the phone call.

Nancy Gohring, IDG News Service

Powered by ScribeFire.

The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. "[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code," the company's security blog reported Tuesday.

Secunia, a Danish security company, rated the bug "highly critical," the second-highest threat ranking in its five-step system, and added that the vulnerability is in TraceMonkey's processing of JavaScript code handling "font" HTML tags.

Older versions of Firefox, including Firefox 3.0, are not vulnerable, according to a message posted by Asa Dotzler, Mozilla's director of community development, in a comment to the company's blog.

"Mozilla developers are working on a fix for this issue and a Firefox security update will be sent out as soon as the fix is completed and tested," said that same blog.

In lieu of a patch, users can protect themselves by disabling the "just-in-time" component of the TraceMonkey engine. To do that, users should enter "about:config" in Firefox's address bar, type "jit" in the filter box, then double-click the "javascript.options.jit.content" entry to set the value to "false." The popular NoScript add-on will also ward off attacks.

The hacker who published exploit code on the milw0rm.com malware site Monday was not the first to uncover the vulnerability: Mozilla developers first noted the flaw last Thursday, and were in the middle of working on it when the attack code appeared.

"Looking at the exploit code and our test cases, I think this is self-inflicted and we should have hidden the bug earlier," argued Andreas Gal on Bugzilla. Gal is a project scientist at the University of California, Irvine, where the technique called "trace trees" was developed. Firefox 3.5's TraceMonkey engine is based on that technique, and builds on code and ideas shared with the open-source Tamarin Tracing project.

Another contributor agreed. "It would seem that the milw0rm exploit code is based on the test cases for this bug," said someone identified only as "WD" in the same Bugzilla thread. "When you look at the crash details in a debugger, it's pretty clear that it's exploitable with a heap spray to the access violation address in question."

The fix has been slated for Firefox 3.5.1, a fast-track update originally scheduled to release in the last two weeks of this month.

That update will be accelerated to plug the just-gone-public hole, said Daniel Veditz, a security lead at Mozilla. "[The bug] was checked in yesterday, a few hours before we learned of the milw0rm posting," Veditz said Tuesday night in a comment on the Mozilla security blog. "This fix was going to be in the 3.5.x update we had scheduled for the end of July, but obviously now we have moved up the schedule for release."

Mozilla launched Firefox 3.5 on June 30.

Powered by ScribeFire.

.