BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Never Lose Your License Keys or Proof of Ownership Again

Posted April 23, 2010    Morey Haber

I had the unfortunate experience this weekend of working with Microsoft’s Genuine Office Validation Product. Let me give you the skinny on this one.

Microsoft released an update that validates whether your operating system or office product is genuine or a bootleg copy several years ago. The system verifies the registration with an online database and pops up a warning saying your product may not be genuine if there is a match to their database. Sounds like a great way to stop piracy – except for when it trips incorrectly and it becomes increasingly difficult to access vulnerability patches until you verify you have a legitimate version.

So how did I get into this mess? Well, a friend recently had a hard disk failure and needed to have the system re-imaged. The onsite technician reloaded the system and MS Office since it came with the computer. When he reinstalled, he did not use the license key that shipped with the computer but rather some obscure one he had in his bag of tricks.

Guess what? That key is in the “bad” database from Microsoft. Okay – a simple search through an online KB database revealed a registry key to delete and restart of office to prompt for a new key. Again, simple enough. I entered the key and no dice, the registration program would not accept the original number since we had two different versions of Office installed.

The only recourse was a complete uninstall and reinstall of office to correct the problem. Total time, a little over an hour but the annoyance meter started to peak at 10. A little lesson I learned a few years ago would have helped from day one.

If you are like me, and you do not save every box that ships with software or hardware, I found a great way to be a minimalist about proving ownership and license keys:

1. Save all the original CDs and DVDs in a binder made to hold discs. This minimizes space to a single binder for all original software.

2. Cut out all of the UPC codes on boxes and manuals and store them in a folder. This proves purchase and ownership.

3. Save all original purchase receipts with the UPC codes.

4. Any holograms or authentication seals, cut out or rip the page off the book and store in the same folder. This proves licensing.

5. Finally, any location that has serial numbers, cut out and store as well. (Note many new systems have the OS and MS Office serial numbers directly on the PC in the form of stickers.)

This allows you to toss all books, manuals, and trash that accompanies each purchase and prove ownership and licensing if needed. These may sound trivial but how many times have you hunted for software keys and licenses for a reinstall?

Simple organization will go along way and allow to keep your system up to date.

Leave a Reply

Additional articles

webinar 2

On Demand Webinar: Because Auditing Stinks Sometimes

Posted July 2, 2015    Lindsay Marsh

Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…

Tags:
, , , ,
skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Tags:
, , , , ,
webinar 2

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

Posted June 26, 2015    BeyondTrust Software

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.

Tags:
, ,