Microsoft Support is pirating Windows on customer's computers instead of fixing activation issues

[Delinja]

Hi folks,

 

So the other day, I upgraded to Windows 11 as well as my PC, and thus my digital Win 10 license with it. After running the hardware changes troubleshooter, it managed to pick up the new license and all was well.

Couple days later I noticed some weird behaviour in Windows 11, like the Windows Security Dashboard was failing to open because Defender was not found for some reason, so I used the "Reset my PC" option.

 

After the reset, activation was no longer working for some reason. So I did what you would normally do, and went onto Microsoft's support site (support.microsoft.com). I ended up speaking to a few different people on the phone but everyone just kept transferring me instead of helping me fix my issue. Finally, the last person told me to call the UK number the following day as they would be able to help me. Long story short, all the MS support numbers don't actually work anymore and they just redirect you back to the support website.

 

So the next day I went into the Activation screen and used the "Get Help" button. This is important to note, to demonstrate that this was genuine MS support and not some sort of scam, the verification emails they sent were also from a Microsoft  domain. This ended up putting me in a chat with another MS support person. They used Quick Assist to connect to my computer and did a bunch of troubleshooting steps. When none if it worked, eventually they went on "msg*ides.com" (not sure if domains are allowed here), and started following a "How to use Win 11 for free" guide. Basically they pointed Windows to a custom KMS, which almost certainly spoofs the key verification, and used a generic Key to activate the correct edition of Win 11.

 

Naturally this seemed extremely dubious, so I called them out and asked them if this is legit, and they assured me that it was. I then created another chat with another person and asked them to verify the same and they did - so this is clearly not a rogue employee but part of the MS support script. In fact, I found this thread from a year ago which describes exactly the same process, so this has been going on for a while.

 

So yeah, not really looking for advice on this, but I wanted to get this out there for people to see. I don't think I've ever experienced worse support than this in my life.

@LinusTechfigured this may be an interesting topic for WAN show, I couldn't find any other posts about this on the forum. Happy to provide more details if necessary.

 

[DigitalGoat]

1 hour ago, Delinja said:

Hi folks,

 

So the other day, I upgraded to Windows 11 as well as my PC, and thus my digital Win 10 license with it. After running the hardware changes troubleshooter, it managed to pick up the new license and all was well.

Couple days later I noticed some weird behaviour in Windows 11, like the Windows Security Dashboard was failing to open because Defender was not found for some reason, so I used the "Reset my PC" option.

 

After the reset, activation was no longer working for some reason. So I did what you would normally do, and went onto Microsoft's support site (support.microsoft.com). I ended up speaking to a few different people on the phone but everyone just kept transferring me instead of helping me fix my issue. Finally, the last person told me to call the UK number the following day as they would be able to help me. Long story short, all the MS support numbers don't actually work anymore and they just redirect you back to the support website.

 

So the next day I went into the Activation screen and used the "Get Help" button. This is important to note, to demonstrate that this was genuine MS support and not some sort of scam, the verification emails they sent were also from a Microsoft  domain. This ended up putting me in a chat with another MS support person. They used Quick Assist to connect to my computer and did a bunch of troubleshooting steps. When none if it worked, eventually they went on "msg*ides.com" (not sure if domains are allowed here), and started following a "How to use Win 11 for free" guide. Basically they pointed Windows to a custom KMS, which almost certainly spoofs the key verification, and used a generic Key to activate the correct edition of Win 11.

 

Naturally this seemed extremely dubious, so I called them out and asked them if this is legit, and they assured me that it was. I then created another chat with another person and asked them to verify the same and they did - so this is clearly not a rogue employee but part of the MS support script. In fact, I found this thread from a year ago which describes exactly the same process, so this has been going on for a while.

 

So yeah, not really looking for advice on this, but I wanted to get this out there for people to see. I don't think I've ever experienced worse support than this in my life.

@LinusTechfigured this may be an interesting topic for WAN show, I couldn't find any other posts about this on the forum. Happy to provide more details if necessary.

 

Well regardless of the 'support' you received or where you got it from it is perfectly valid to use a Windows generic key to install Windows if needed, once the PC connects to the internet and MS servers it will activate via a digital licence as long as there is either an embedded key in the BIOS and/ or the hardware configuration has previously been activated via either a valid key or a digital licence.

The snippet of conversation you show doesn't mention anywhere a custom KMS service being used, where did they say that was how they were activating Windows?

You can see the type of activation and licence on your PC by opening a command prompt and typing SLMGR /DLV the resulting dialogue will show you the type of licence and the activation method.

[Delinja]

5 hours ago, DigitalGoat said:

Well regardless of the 'support' you received or where you got it from it is perfectly valid to use a Windows generic key to install Windows if needed, once the PC connects to the internet and MS servers it will activate via a digital licence as long as there is either an embedded key in the BIOS and/ or the hardware configuration has previously been activated via either a valid key or a digital licence.

The snippet of conversation you show doesn't mention anywhere a custom KMS service being used, where did they say that was how they were activating Windows?

You can see the type of activation and licence on your PC by opening a command prompt and typing SLMGR /DLV the resulting dialogue will show you the type of licence and the activation method.

EDIT: Updates the original post with the second conversation I had with support.

 

Generic key is fine, using a custom KMS to bypass verification is not. This is what they set up on my machine. 

[DigitalGoat]

3 hours ago, Delinja said:

EDIT: Updates the original post with the second conversation I had with support.

 

Generic key is fine, using a custom KMS to bypass verification is not. This is what they set up on my machine. 

Reading the added conversation elements I get the feeling that the person you were talking to either did not understand or did not fully read your part about the KMS and was more concerned with explaining that a generic key (or as they called it a default key) was fine for activating Windows, this is actually not accurate, the default key allows you to install a version of Windows, there are keys for Home, Pro, Enterprise etc.

Activation occurs when the hardware ID of the machine is compared to the ID held by MS activation servers or for new machines when the entered product key is confirmed valid and a machine ID is then generated.

The activation status depends on the machine having a BIOS embedded key or having a valid product key entered or previously used to activate Windows on that machines ID.

This is then a digital entitlement to install and run Windows in an activated state on that machine.

Microsoft can at it's discretion enable a machine to obtain a digital entitlement and has been know to do so when someone for example tries to use an OEM version of Windows on a new motherboard (this in theory is not allowed) but they certainly do not do so using a KMS system.

In your case the person who set up a KMS validation service on your machine did not 'activate' Windows properly, you will find that your copy of Windows will de activate sooner or later either because the KMS server shuts down/ is forced to shut down or Microsoft does a purge of invalid entitlements, as they do often.

The crux of this is that YOU are pirating Windows if you continue to run that copy activated via a KMS server regardless of who set it up for you.

It makes me wonder if you were indeed talking to an official Microsoft contact and whether anything else was setup on your mchine without your knowledge since you handed over control, or if this is just a case of extremely poor support taking a shortcut rather than doing the activation the correct way.

[Delinja]

10 hours ago, DigitalGoat said:

Reading the added conversation elements I get the feeling that the person you were talking to either did not understand or did not fully read your part about the KMS and was more concerned with explaining that a generic key (or as they called it a default key) was fine for activating Windows, this is actually not accurate, the default key allows you to install a version of Windows, there are keys for Home, Pro, Enterprise etc.

Activation occurs when the hardware ID of the machine is compared to the ID held by MS activation servers or for new machines when the entered product key is confirmed valid and a machine ID is then generated.

The activation status depends on the machine having a BIOS embedded key or having a valid product key entered or previously used to activate Windows on that machines ID.

This is then a digital entitlement to install and run Windows in an activated state on that machine.

Microsoft can at it's discretion enable a machine to obtain a digital entitlement and has been know to do so when someone for example tries to use an OEM version of Windows on a new motherboard (this in theory is not allowed) but they certainly do not do so using a KMS system.

In your case the person who set up a KMS validation service on your machine did not 'activate' Windows properly, you will find that your copy of Windows will de activate sooner or later either because the KMS server shuts down/ is forced to shut down or Microsoft does a purge of invalid entitlements, as they do often.

The crux of this is that YOU are pirating Windows if you continue to run that copy activated via a KMS server regardless of who set it up for you.

It makes me wonder if you were indeed talking to an official Microsoft contact and whether anything else was setup on your mchine without your knowledge since you handed over control, or if this is just a case of extremely poor support taking a shortcut rather than doing the activation the correct way.

The support person was genuine, unless you are suggesting somebody modified my copy of Windows to intercept support requests from the built-up Get Help app, sent me a verification code from a Microsoft domain, and then proceeded to activate Windows for me to cover their malicious tracks.

 

This is not the first time it has happened as I shared that reddit post describing the exact same thing, from over a year ago. This is cleary a pattern of behaviour from the god awful support Microsoft has subcontracted. 

[DigitalGoat]

8 minutes ago, Delinja said:

The support person was genuine, unless you are suggesting somebody modified my copy of Windows to intercept support requests from the built-up Get Help app, sent me a verification code from a Microsoft domain, and then proceeded to activate Windows for me to cover their malicious tracks.

 

This is not the first time it has happened as I shared that reddit post describing the exact same thing, from over a year ago. This is cleary a pattern of behaviour from the god awful support Microsoft has subcontracted. 

Yes I agree, which is why I ended with : "It makes me wonder if you were indeed talking to an official Microsoft contact and whether anything else was setup on your mchine without your knowledge since you handed over control, or if this is just a case of extremely poor support taking a shortcut rather than doing the activation the correct way".

It is also still possible that since the person set up a KMS check to 'activate' your copy of Windows they could easily have set up anything else they wanted, they had control of your machine remotely afterall.

[Delinja]

5 hours ago, DigitalGoat said:

Yes I agree, which is why I ended with : "It makes me wonder if you were indeed talking to an official Microsoft contact and whether anything else was setup on your mchine without your knowledge since you handed over control, or if this is just a case of extremely poor support taking a shortcut rather than doing the activation the correct way".

It is also still possible that since the person set up a KMS check to 'activate' your copy of Windows they could easily have set up anything else they wanted, they had control of your machine remotely afterall.

I have since reinstalled Windows, but they didn't do anything malicious as far as I can tell - not that that makes me feel any better. I was observing them during the screen share, and had to approve UAC prompts whenever they were doing stuff that required admin access. 

[grss1982]

On 1/9/2023 at 4:48 PM, Delinja said:

The support person was genuine, unless you are suggesting somebody modified my copy of Windows to intercept support requests from the built-up Get Help app, sent me a verification code from a Microsoft domain, and then proceeded to activate Windows for me to cover their malicious tracks.

 

This is not the first time it has happened as I shared that reddit post describing the exact same thing, from over a year ago. This is cleary a pattern of behaviour from the god awful support Microsoft has subcontracted. 

 

Can confirm that's actually legit Microsoft Support via chat. Connected to them a few times in the past.

 

During the past two years they've actually made it harder to contact an actual person. And most of the numbers you see online do advise you to use Get Help or it's web version: https://support.microsoft.com/en-us/home/contact?SourceApp=smc2&ContactUsExperienceEntryPointAssetId=S.HP.SMC-HOME 

You have to be filtered through this Get Help app or link. You need a Microsoft account for this to work.

 

I'll hazard a guess they sent or provided you a service request number.