Get all security patches without WGA nightmares

Susan bradley By Susan Bradley

If you’re a legitimate Microsoft customer, you can download and install all the Windows updates you need without running Windows Genuine Advantage (WGA) and exposing yourself to the false positives it’s become known for.

In today’s article, I explain how to install Windows XP and upgrade it with every available security fix and many optional updates as well, without ever installing WGA.

In an April 16 Windows Secrets story, contributing editor Ryan Russell argued that WGA poses a risk to the world because Microsoft prevents machines that fail WGA validation from getting some security patches through Windows’ Automatic Updates mechanism. Unpatched machines are vulnerable to remote attacks that enroll them in hackers’ bot armies.

In today’s Known Issues column, several WS readers report that WGA wrongly disabled software they’d legitimately purchased. (An Ars Technica article back in January 2007 estimated at least 5 million WGA false positives, based on Microsoft’s own numbers.) However, other readers defend the technology.

In the Windows Security Blog last month, Microsoft developer Paul Cooke claimed in a post that “all security updates go to all users,” whether or not their machines have failed WGA validation.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



= Paid content

All Windows Secrets articles posted on 2009-05-21:

Susan Bradley

About Susan Bradley

Susan Bradley is a Small Business Server and Security MVP, a title awarded by Microsoft to independent experts who do not work for the company. She's also a partner in a California CPA firm.