OEMs will no longer used the same key for every Windows PC shipped.
Several NDA-tainted slides have been leaked that reveal a new activation process used by the OEM version of Windows 8. The new product activation standard is called OEM Activation 3.0 (AKA OA 3.0), and provides benefits over the previous version used in Windows 7, OA 2.1, such as allowing OEMs to digitally order and receive product keys directly from Microsoft.
For the uninitiated, the OA process allows PC manufacturers to ship systems with Windows pre-installed and already activated so that end users aren't required to take additional activation steps when they boot up their rig for the first time. Hackers usually take advantage of the OA process to activate pirated copies of Windows using fake license keys.
However hackers now face a new challenge. The leaked slides show the difference between the OA of old, and the new system that will be used in Windows 8. To crack down on piracy, manufacturers will be required to write a unique Windows product key -- which is associated with the hardware hash -- into the system's BIOS instead of using the same product key for every shipped desktop or laptop.
The new OA system will also require OEMs to supply production reports to Microsoft, detailing their license compliance. A "Genuine Microsoft" label must also be affixed to the chassis, dumping the previous "Windows Certificate of Authenticity" sticker. Unused keys can be returned in real-time without shipping or insurance costs, according to the leaked slides.
"OA 3.0 is the new product activation standard for Microsoft, beginning with Windows 8," one slide states. "The new program enables OEMs to digitally order and receive product keys from, and report computer information to, Microsoft as well as enable activation of software on specific hardware."
In comparison, OA 2.1 allowed OEMs to write the same bypass key into the BIOS of every shipped PC. The Certificate of Authenticity was shipped from an authorized replicator and sent to the OEM's shipping address. When received, they were required to be affixed to the chassis (just like the current label). OEM's were not required to send production reports, and the RMA had limitations.
Products not eligible for OA 3.0 at launch include non-client Windows 8 products (Windows Server, Windows Embedded), and previous version of the OS including Windows 7, Vista and others. To see the additional leaked slides, head here.