Microsoft Says Windows 7 Activation Bug Was Caused By Server Update

Image credit: Microsoft

The issue, affecting some volume-licensed Windows 7 systems, occurred at the same time as the release of Microsoft’s January patches, but the two are unrelated

Activation failures that have hit volume-licensed Windows 7 systems in recent days are not due to bugs in Microsoft’s January patches, but to a separate issue, Microsoft has said.

System administrators reported seeing “Windows is not genuine” error messages appear on in some cases thousands of Windows 7 machines this week, following the January’s Windows patch release on Tuesday.

The issue appeared at the same time as another bug that blocks administrator access to remote shares on Windows Server 2008 R2 and Windows 7.

But Microsoft has now confirmed that the activation issue was caused by a change made to its activation and validation servers, which also took effect on Tuesday.

Image credit: Microsoft

Patch removal

The change was reverted the following day, but systems will remain affected until administrators remove an earlier update, KB971033.

That update was not intended for systems volume licensed using Key Management Service (KMS) activation, being intended only for retail devices, but has been mistakenly installed on large numbers of Windows 7 volume-licensed systems nonetheless, according to user reports.

The KB971033 update, released last April, is a tweak to Windows’ activation technologies.

Microsoft provided instructions for removing it from volume-licensed systems in a support document, and said it recommends the update be from volume-licensed systems even if they are not affected by the activation-failure flaw.

“Some users may receive the Windows Activation or ‘Windows is not genuine’ notifications starting at or after 10:00 UTC, January 8, 2019,” Microsoft said in the document.  “A recent update to the Microsoft Activation and Validation unintentionally caused a ‘not genuine’ error on volume-licensed Windows 7 clients that had KB 971033 installed.

“This timing coincides with the release of the ‘1B’ January 2019 updates (KB 4480960 and KB 4480970) that were released on Tuesday, January 8, 2019. These events are not related.”

In November of last year Microsoft’s anti-piracy systems also accidentally disabled legitimate Windows 10 Pro systems.

Microsoft said at the time that the issue was due to a bug in its activation servers and affected a “limited number” of Windows 10 Pro users.

Network share bug

The January monthly release of Windows patches includes fixes for serious security flaws, including a PowerShell flaw and mitigations for Meltdown and Spectre side-channel attacks.

But administrators reported that it also blocks some network shares using the SMBv2 file-sharing protocol.

Microsoft acknowledged the issue in the update’s support page and provided a workaround for it while it works on a fix.

“Local users who are part of the local ‘Administrators’ group may not be able to remotely access shares on Windows Server 2008 R2 and Windows 7 machines after installing the January 8th, 2019 security updates,” Microsoft said.

“To work around this issue use either a local account that is not part of the local ‘Administrators’ group or any domain user (including domain administrators). We recommend this workaround until a fix is available in a future release.”

Click to read the authors bio  Click to hide the authors bio