Microsoft expands Office antipiracy 'nagging'

U.S., U.K. and 11 other countries added to 'voluntary' program that pesters pirates with on-screen messages

Microsoft Corp. today announced it was expanding an antipiracy program for Office to the U.S., the U.K. and 11 other countries that will identify pirated copies of the suite and nag users with on-screen messages.

The expansion follows a pilot program Microsoft launched in four countries in April 2008, then extended to an additional 24.

This is the first time, however, that Microsoft has asked U.S. users to install a notifications component that pesters users if it determines the copy of Office is illegitimate.

Microsoft said the download of the notification component was "voluntary," and that it has started to push the software to users today. Because the program is launching over several months, not everyone will see it immediately.

For Windows XP users, the update is marked "High Priority" in the list generated when they retrieve downloads from Microsoft Update; Vista users see it tagged as "Important." Even if users have Automatic Updates set to download and install all updates, the notifications software requires users to accept an End User License Agreement (EULA) before it will install.

However, once it's downloaded and installed, the new notifications application cannot be uninstalled.

The notifications component that Microsoft is pitching is separate from the companion validations element: The former posts periodic messages on the screens of PCs running illegal copies of Office, while the latter determines if the software is legitimate.

At one time, Office users had to validate their copies in order to access add-ons, such as free Office 2007 templates, and to use Office Update, an Office-only service that was just terminated in favor of the combination Windows-Office service dubbed "Microsoft Update."

Last spring, Microsoft dropped those requirements, and allowed users running counterfeit copies to download add-ons. With the disappearance of Office Update earlier this month, all users can grab security and bug-fix updates via Microsoft Update, regardless of the status of their software.

According to Microsoft's support site, Office Genuine Advantage Notifications software puts up a message when a pirated copy is launched. "This copy of Microsoft Office is not genuine," the message reads.

"Please excuse this interruption. This copy of Microsoft Office did not pass validation. Click Learn More for details and for help identifying the best way to get genuine Microsoft Office."

Microsoft also adds a message-bearing toolbar to Office XP and Office 2003, and adds a similar message to the "ribbon" interface of Office 2007. "This copy of Office is not genuine. Click here to learn more," the toolbar and ribbon messages read.

Office 2010, the still-in-the-works version slated to ship in the first half of next year, will also include antipiracy validation and notification elements.

Microsoft has periodically faced resistance to its anticounterfeit programs, including Windows Genuine, as well as the lesser-known Office cousin.

At times, the complaints have been extremely vocal. Last year, Microsoft inadvertently pushed the pilot notifications program -- meant to reach users only in Chile, Italy, Spain and Turkey -- to customers worldwide via Windows Server Update Services (WSUS), triggering a flood of false warnings and getting system administrators hot under the collar.

To make matters worse, the notifications update to WSUS machines had been ranked "Critical," which meant most corporate update servers automatically approved it and pushed it to client PCs.

"This update was deployed as a CRITICAL Update? While this may be critical to Microsoft's bottom line, any clear-thinking IT person would assume (silly me) that a critical update would be critical to IT in the sense of stability or security," said a user identified as Chris Edwards-Dawn in a support forum at the time.

Microsoft acknowledged its mistake, but waited several days to provide an official explanation.

As it has in the past, Microsoft today said the expansion of its Office program was meant to protect customers.

"The ultimate goal of our programs that stem the flood of piracy is not only to lessen the impact of these illegal activities, but also to ensure that our customers enjoy all the capabilities -- as well as the peace of mind -- that come with using genuine software," said Cori Hartje, senior director of Microsoft's anticounterfeit group, in a statement.

A Microsoft spokeswoman added to Hartje's comment saying, "Non-genuine software has been shown to be more vulnerable to viruses and spyware, which can be used to damage a user's PC or steal their personal information."

Users whose copies of Office 2007 are flagged as bogus -- and only Office 2007; earlier editions aren't eligible -- may qualify for a free replacement through Microsoft's Office Complimentary Offer.

Join the CSO newsletter!

Error: Please check your email address.

Tags anti-piracyMicrosoftmicrosoft officepiracy

More about Microsoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gregg Keizer

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place