Hacker group releases updated tool to activate almost all modern Microsoft software

A

Alfonso Maruccia

Posts: 1,579   +452
Staff
WTF?! A hacking collective has released what some call the "largest breakthrough in Windows/Office piracy ever." The new method permanently activates most Microsoft products, bypassing Redmond's DRM system entirely. Yet, the company doesn't seem to care.

Massgrave, an elusive team behind some of the most effective Windows and Office activation tools, has added a new weapon to its arsenal. The "TSforge Activation" method can permanently activate many Windows and Office versions. It can also provide users with a convenient way to access Windows 10 patches beyond October 2025.

The hackers introduced their Microsoft Activation Scripts (MAS) project in 2024, claiming it would completely dismantle Microsoft's DRM protections. The newly released MAS 3.0 update adds the TSforge Activation method to the toolkit. It also includes patches and improvements for existing activation scripts.

Massgrave claims that TSforge is one of the most powerful and far-reaching activation exploits ever added to MAS. In a recent blog post, the hackers detailed how they discovered and developed the exploit, offering an in-depth explanation of Microsoft's Windows activation protection system.

Redmond refers to its modern DRM technology as the "Software Protection Platform" (SPP). This "highly complex" system consists of several components, with product activation information stored in two key files: the "physical store" (data.dat) and the "token store" (tokens.dat). TSforge exploits this system by injecting forged data into these stores, bypassing all checks and forcing SPP to recognize a fake product key or confirmation ID as valid.

The TSforge activation method supports Windows 7 and later versions of the OS, including Windows Server (2008 R2 through 2025). It also works with Office 2013 to 2024, running on Windows 8 or newer.

Users can activate various add-ons for commercial Windows licenses, including the Extended Security Updates (ESU) program, available for some Windows 7 to 10 editions. Alternatively, they can extend Windows 10 updates through methods previously discovered for Windows 7.

The Microsoft Activation Scripts (MAS) toolkit offers several methods for activating newer Windows and Office releases. Massgrave developers commend Microsoft, stating that the new SPP is a well-designed, advanced DRM system that significantly improves upon the "poorly designed" DRM of Windows XP.

The group claims that the MAS toolkit is a popular open-source project hosted on GitHub, which Microsoft owns, so no piracy is technically involved. They describe it as an alternative activation method – one that Microsoft support employees allegedly use when all other methods fail.

Permalink to story:

Hacker group releases updated tool to activate almost all modern Microsoft software

 
TechSpot seems to be campaigning to have these activators shut down. I guess someone has to look out for poor defenseless innocent Microsoft. What's the kill rate for fan projects so far?
 
They may not be spreading pirated software or making money from it but they're contributing to piracy. Microsoft is going to catch on sooner or later.
 
  • Like
Reactions: p51d007
GABulldog said:
They may not be spreading pirated software or making money from it but they're contributing to piracy. Microsoft is going to catch on sooner or later.
Click to expand...

They literally host their tool on Github, which is owned by Microsoft. As far as I can Microsoft has decided they would rather have those tech savy enough to pirate go ahead and activate a clean (well, nothing that is not MS approved anyways lol) copy of Windows than use virus laden cracks, or even worse, start to dabble in Linux.
 
  • Like
Reactions: astralcyborg, Fastturtle and TommyBoyFL
Squid Surprise said:
MS has rarely cared about piracy in Windows or Office… they make the vast majority of their profits from businesses who can’t pirate for fear of audits…

If anything, MS actually benefits from piracy as it increases the user base for them.
Click to expand...

- Yep, Microsoft makes a pittance on each actual windows key sale (and there have been plenty of methods for picking up dirt cheap "grey market" keys for years now) and is really making its money from people voluntarily installing a major telemetry and data gathering tool.

It also ensures that Windows is the first OS most people will use, the OS most devs will learn on, and the OS most will code and write software on, ultimately reinforcing the ecosystem.

Hell, you don't have to pay anything to use Windows right now, only some basic QOL features and a transient watermark show up with the free install, otherwise it's a fully functional OS.
 
  • Like
Reactions: magoid, 0dium and seeprime
I was a Windows pirate up until Windows 8 when I found key sites. They're too cheap and accessible to go the torrent route. These hacks come a little too late.
 
Nice. Glad there’s a group working on reigning in the costs for some. On a side note, TechSpot recently had a Windows 11 promo for $18 on StackSocial. The same platform offers a complete lifetime Office Suite for $35-60. At these prices, one can go back to paying for stuff once again…
 
  • Like
Reactions: BadThad and ScottSoapbox
Primey said:
MS doesn't bother. KMS_VL_ALL has been around for 4 years on github
Click to expand...
4+4+4+4.

M$lop don't care about these things, Azure and Office are what has made the company that is an NSA tool (they were an essential pillar in the Echelon spying project and it's only got worse since then) a trillion USD leach.
 
Alfonso Maruccia said:
According to GitHub's API, the MAS repo has been online since 2020. Microsoft is well aware of that, me thinks.
Click to expand...

Microsoft owns Github so I agree, however, increased awareness brings increased usage. Increased usage is increased damages, raising the priority of the perceived threat.

Ultimately thieir concern is going to be the rate at which it bleeds their profits.
 
NumberNine said:
Microsoft owns Github so I agree, however, increased awareness brings increased usage. Increased usage is increased damages, raising the priority of the perceived threat.

Ultimately thieir concern is going to be the rate at which it bleeds their profits.
Click to expand...
But it doesn’t bleed their profits… MS makes money from businesses, not individuals… pirated Windows and Office copies only serve to expand their user base and reinforce their virtual monopoly over the OS and Office market.
 
  • Like
Reactions: Burty117 and Liranan
Squid Surprise said:
But it doesn’t bleed their profits… MS makes money from businesses, not individuals… pirated Windows and Office copies only serve to expand their user base and reinforce their virtual monopoly over the OS and Office market.
Click to expand...
Exactly. Billy Boy once admitted that he'd rather people pirate Windows than switch to competing products.
 
NumberNine said:
TechSpot seems to be campaigning to have these activators shut down. I guess someone has to look out for poor defenseless innocent Microsoft. What's the kill rate for fan projects so far?
Click to expand...

MAS(and its predecessors, KMS activators) have been used by millions of people for nearly a decade. Do you really think microsoft doesn't know about it?

Microsoft's income on Windows comes from corporations and OEM sales, not individual purchases. Janky cracked copies and bootlegs like from the XP era spread viruses and damage their brand. And of course the worst case for them is people installing Linux instead. Trying to fight piracy cost them a lot while gaining them nothing. And ultimately, they have no grounds to shut down MAS even if they had a profit motive to do so.
 
Microsoft wouldn't remove these, I've been saying it for a long time now, the harder you squeeze, the more slips through your fingers, if Microsoft squeezed any harder, you will find more people looking for alternatives. That would properly hurt Microsoft, so they would rather you ran Windows without paying, than use an alternative.
 
Liranan said:
Exactly. Billy Boy once admitted that he'd rather people pirate Windows than switch to competing products.
Click to expand...
And with how functional, especially out of the box some linux distros have become, they better keep it that way lol. The only thing Windows truly has going for it anymore is Adobe, Microsoft 365 garbage and for me personally...FxSound. Basically everything is dumbed down with the penguin these days.
 
Burty117 said:
Microsoft wouldn't remove these, I've been saying it for a long time now, the harder you squeeze, the more slips through your fingers, if Microsoft squeezed any harder, you will find more people looking for alternatives. That would properly hurt Microsoft, so they would rather you ran Windows without paying, than use an alternative.
Click to expand...


"I've been saying it for a long time now, the harder you squeeze, the more slips through your fingers"

I believe Greorge Lucus was saying that alot longer than you.
 
Squid Surprise said:
But it doesn’t bleed their profits… MS makes money from businesses, not individuals… pirated Windows and Office copies only serve to expand their user base and reinforce their virtual monopoly over the OS and Office market.
Click to expand...

Microsoft may dominate SMB, but when it comes to real enterprise, vendors stop asking for Windows servers in favor of Linux. Even Microsoft themselves wouldn't dare Run Azure on top of Windows. However, this is about endpoints and we can't blindly pretend it's cool to promote (useful) piracy in the middle of their forced transition to a new OS.

If they never fix it like XP key slipstreaming, fine, victory for all... but bigger picture, when they need a lever to pull and make numbers go up for Windows 11, they may pull this one a lot sooner with there being a new headline in the news for every version update.
 
"For Windows 10 and 11, it is recommended to use the HWID method to activate Windows. TSforge is both less reliable and lacks features that HWID offers, such as the ability to survive feature upgrades and complete OS reinstall."
 
The actual code on github amounts to 16,580 lines (that obviously includes many lines of comments, but even if we generously assumed they amount to 10% of the code, that still amounts to nearly 15,000 lines of code).

I'm not a coder, there's no way I could really assess if there's anything...nefarious...in the code, but I'm wondering if any third-party auditors have reviewed it? I have mixed feelings about using it without some assurance from uninvolved parties that the code is 'clean'...
 
You must log in or register to reply here.

Similar threads

A
Hacking group claims to have cracked Microsoft's software licensing security on a massive scale
Replies
19
Views
362
Bone fletcher
Bone fletcher
D
Elon Musk's xAI releases Grok 3 AI model with DeepSearch, voice mode, and more
Replies
3
Views
40
ArmorJr
ArmorJr
Daniel Sims
Obsidian's fantasy RPG Avowed is the first to enable Microsoft Store, Xbox, and Battle.net cross-buy
Replies
21
Views
180
Namtrooper
Namtrooper

Latest posts

Back