Windows 98 RegWiz privacy leak demo page


Demo Results


This page contains a simple demo of how the Windows 98 Registration Wizard (RegWiz) can leak hardware and customer ID numbers. The first of these two numbers is called the Hardware ID, or HWID. It is a unique number assigned by Microsoft which identifies your computer. It also contains the address of your Ethernet adapter if one is present in your system. The address is located in the last 12 digits of the HWID.

The second serial number is called your Microsoft ID or MSID. C'T Magazine of Germany has determined that this number is put in your www.microsoft.com cookie to track your movements around the Microsoft Web site. It is a unique serial number which identifies you as the person who registered the Windows 98 software on this computer. To check on your Windows 98 registration, see the Microsoft Personal Information Center.

As this page shows, due to a bug in the RegWiz ActiveX control, these two numbers can also be read by other Web sites and stored in their own databases. Normally these two ID numbers are only available to Microsoft.

For this demo page, the numbers are only displayed on your screen and not sent to anyone else.

The bug in the RegWiz ActiveX control only exists when running Windows 98 or Windows 2000 and Internet Explorer 4 (or 5). It does not occur in Windows 95 or Windows NT. Also the bug cannot happen in Netscape Navigator because Navigator cannot execute ActiveX controls.

Because the HWID contains an Ethernet adapter address, a leaked HWID can potentially be used to track the origin of Word97 and Excel97 files, which are also accidentally being fingerprinted with Ethernet adapter addresses.
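The linkage described above can be shown with a short script. This is an added example, not code from the original demo page. It assumes the HWID and the document fingerprints are hexadecimal strings (optionally with braces and hyphens) whose last 12 digits hold the adapter address; every identifier below is constructed for illustration.

```python
import re

def adapter_address(identifier):
    """Return the trailing 12 hex digits as a MAC string, or None if malformed."""
    digits = re.sub(r"[{}\-\s]", "", identifier)   # drop braces, hyphens, spaces
    if len(digits) < 12 or not re.fullmatch(r"[0-9A-Fa-f]+", digits):
        return None
    tail = digits[-12:].lower()
    return ":".join(tail[i:i + 2] for i in range(0, 12, 2))

def is_burned_in(mac):
    """True for a globally unique unicast address (IEEE 802 I/G and U/L bits clear).

    Only such addresses identify one physical adapter; multicast or locally
    administered values are not a reliable hardware fingerprint.
    """
    first_octet = int(mac[:2], 16)
    return first_octet & 0x01 == 0 and first_octet & 0x02 == 0

def linkable(hwid, document_ids):
    """Return the document identifiers that carry the same adapter address as hwid."""
    mac = adapter_address(hwid)
    if mac is None or not is_burned_in(mac):
        return []
    return [d for d in document_ids if adapter_address(d) == mac]

# Constructed sample values (not real identifiers).
SAMPLE_HWID = "{8F3A1C20-5B7E-11D2-9A4C-00A0C9123456}"
SAMPLE_DOC_IDS = [
    "{2D1E7A40-C3F1-11D2-8B10-00A0C9123456}",  # same trailing adapter address
    "{77B0E5C0-D002-11D2-A1F3-0060971ABCDE}",  # different adapter
    "not-a-guid",                               # malformed, ignored
]

if __name__ == "__main__":
    print("adapter address in HWID:", adapter_address(SAMPLE_HWID))
    for doc in linkable(SAMPLE_HWID, SAMPLE_DOC_IDS):
        print("shares adapter address:", doc)
```

The rest of each identifier differs between the HWID and the matching document, yet the shared trailing 12 digits are enough to tie both to one machine.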
