Technology News And Reviews

With the help of some Chinese hackers, Windows 7 has already been cracked, and this crack won’t be easy to seal. On the other hand, it won’t be the sort of crack that is easy for the typical user, either.

The leak started with a leaked Lenovo DVD .ISO, which yielded an OEM-SLP product key and OEM certificate for Windows 7 Ultimate. Which means what?

SLP is System-Locked Pre-installation, a procedure that is used to pre-activate Windows OSes for mass distribution by OEMs. You don’t think OEMs have to enter a key for each and every PC they sell, do you? Essentially, this information could be used to activate Windows Ultimate, and since it doesn’t rely on an activation key like you get on your retail copy of Windows, the key couldn’t be blacklisted.

However, SLP also relies on SLIC (Software Licensing Description Table), which is part of the BIOS and is used to determine if the OS can be pre-activated as noted above. SLIC 2.1 is used for Windows 7; SLIC 2.0 for Windows Vista.

Newer PCs that are shipping now should have SLIC 2.1 built-into their BIOS. If you have an older BIOS you can mod the BIOS or run a bootloader to emulate SLIC 2.1.

With that, and the even uglier fact that the key is a master one, which can be used to activate other OEM brands, an enterprising person can permanently activate Windows 7 Ultimate and have it pass WGA. Additionally, Microsoft uses the same digitally signed OEM certificate, which has an .xrm-ms extension, as that in Windows Vista. Whoops.

There’s little likelihood that Microsoft will change things up and invalidate this key as a similar leak occurred for Windows Vista, and they never closed that hole. It would be a major issue for them.

What they really need to do is figure out a way to keep these leaks from happening. Considering this one came from China, (which is no surprise), the obvious implication is: stopping leaks in the future, probably not possible.