Windows Genuine Advantage Update (KB905474)

by Paul Coddington 5. May 2006 00:00

A Windows Update distributed across Australia last night has erroneously disabled my workstation.

“The validation process could not be completed because the validation control is unable to read the product key stored on this computer.  We are unable to verify whether your copy of Windows is genuine.”

When the Windows Genuine Advantage (WGA) application fails with an internal error, it aggressively declares the operating system to be counterfeit by default. Subsequent logins are delayed by a countdown timer and reminders appear in the taskbar notification area. 

Out of curiosity, I clicked the Get Genuine button that was presented to me while waiting for the login timeout to complete. My copy of Windows was immediately deactivated and I was taken to a web site which failed to load. The site would not allow me to proceed any further, declaring Windows “has not been activated”. It seemed odd that a web site designed to remedy a problem should depend on the problem being already solved in order to function correctly!

Reactivating Windows from my system administrator account succeeded, although this required an undocumented step which may confuse some users confronted by this issue.

As KB905474 is considered a critical update, it is downloaded and installed automatically unless Automatic Updates are disabled (not recommended). I should also mention that this batch of updates forced a timed reboot of my system which could not be cancelled. Work was lost while taking a phone call and time was wasted investigating “counterfeit” warnings.

The phrase “victim of counterfeiting” seems somewhat ironic in this context.

Solution

Permission errors are usually not that hard to track down. The problem is determining where the product key is located and finding the time to complete the task. The Microsoft Sysinternals tool set has some excellent utilities that can be used to analyse and resolve such problems.

Even so, I decided to Google the problem again, 10 hours after the fact, to see what had developed. As it turns out, someone had already posted a fix.

The problem is that the WGA application requires write access to a data file that it installs without regard for permissions that might be required to allow ordinary users access. I would hope that another edition of this update will be released in the near future to address this oversight, and that Microsoft would also ensure that anyone who follows on-screen instructions to obtain a genuine copy of Windows is not confronted by a broken web site.

For those who need this fix, the solution is to grant non-administrative users change access to this folder:

%AllUsersProfile%\Application Data\Windows Genuine Advantage\data
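
One way to check and apply this permission from an administrator account, as an added example that is not part of the original post. It assumes Windows PowerShell is installed and treats the built-in Users group as the "non-administrative users" referred to above; both are assumptions.

```powershell
# Added example: audit, and if necessary repair, the ACL on the WGA data folder.
# Assumption: "non-administrative users" means the built-in Users group.
$path = Join-Path $env:ALLUSERSPROFILE 'Application Data\Windows Genuine Advantage\data'

if (-not (Test-Path $path)) {
    Write-Error "Folder not found: $path"
    exit 1
}

# BUILTIN\Users by well-known SID, so the check also works on localized installs.
$users  = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-545'
$modify = [System.Security.AccessControl.FileSystemRights]::Modify
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

$acl = Get-Acl $path

# Look for an Allow entry (explicit or inherited) that gives Users Modify
# ("change") rights on the folder itself, not only on its children.
$hasModify = $false
foreach ($rule in $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])) {
    if ($rule.IdentityReference.Value -eq $users.Value -and
        $rule.AccessControlType -eq 'Allow' -and
        ($rule.FileSystemRights -band $modify) -eq $modify -and
        ($rule.PropagationFlags -band $inheritOnly) -eq 0) {
        $hasModify = $true
    }
}

if ($hasModify) {
    Write-Output "OK: BUILTIN\Users already has change access to $path"
} else {
    # Apply the rule to the folder and everything beneath it.
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $newRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $users, $modify, $inherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl.AddAccessRule($newRule)
    Set-Acl -Path $path -AclObject $acl
    Write-Output "Granted change access to BUILTIN\Users on $path"
}
```

The check only looks at Allow entries for the Users group, so a Deny entry or access granted through another group is not reported. Run on a schedule, the same check flags a machine where this permission has been removed again.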

Security Implications

One of the unfortunate side-effects of this dysfunctional update is that any malicious person desiring to deactivate Windows XP computers by remote attack need only create and deliver some malware that trivially changes permissions on the appropriate folder. When one considers the potential impact of a future worm or virus containing such a payload, it is clear that Microsoft needs to address this problem urgently.


About

Paul Coddington is an independent software developer living in Tokoroa, New Zealand.
