BeyondTrust
I had the unfortunate experience this weekend of working with Microsoft's Genuine Office Validation Product. Let me give you the skinny on this one. Microsoft released an update that validates whether your operating system or office product is genuine or a bootleg copy several years ago. The system verifies the registration with an online database and pops up a warning saying your product may not be genuine if there is a match to their database. Sounds like a great way to stop piracy - except for when it trips incorrectly and it becomes increasingly difficult to access vulnerability patches until you verify you have a legitimate version. So how did I get into this mess? Well, a friend recently had a hard disk failure and needed to have the system re-imaged. The onsite technician reloaded the system and MS Office since it came with the computer. When he reinstalled, he did not use the license key that shipped with the computer but rather some obscure one he had in his bag of tricks. Guess what? That key is in the “bad” database from Microsoft. Okay – a simple search through an online KB database revealed a registry key to delete and restart of office to prompt for a new key. Again, simple enough. I entered the key and no dice, the registration program would not accept the original number since we had two different versions of Office installed. The only recourse was a complete uninstall and reinstall of office to correct the problem. Total time, a little over an hour but the annoyance meter started to peak at 10. A little lesson I learned a few years ago would have helped from day one. If you are like me, and you do not save every box that ships with software or hardware, I found a great way to be a minimalist about proving ownership and license keys:
1. Save all the original CDs and DVDs in a binder made to hold discs. This minimizes space to a single binder for all original software. 2. Cut out all of the UPC codes on boxes and manuals and store them in a folder. This proves purchase and ownership. 3. Save all original purchase receipts with the UPC codes. 4. Any holograms or authentication seals, cut out or rip the page off the book and store in the same folder. This proves licensing. 5. Finally, any location that has serial numbers, cut out and store as well. (Note many new systems have the OS and MS Office serial numbers directly on the PC in the form of stickers.)
This allows you to toss all books, manuals, and trash that accompanies each purchase and prove ownership and licensing if needed. These may sound trivial but how many times have you hunted for software keys and licenses for a reinstall? Simple organization will go along way and allow to keep your system up to date.

Morey J. Haber

CISO at BeyondTrust

Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three Apress books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In: