Announced recently on bink.nu was Microsoft KB article 948472.

Basically:

Any edition of Windows Server 2008 may be installed without activation, and it may be evaluated for 60 days. Additionally, the 60-day evaluation period may be reset (re-armed) three times. This action extends the original 60-day evaluation period by up to 180 days for a total possible evaluation time of 240 days.

This is achieved, by using the slmgr.vbs script shipped in the image, in the System32 folder. The process can be automated through Task Scheduler, using an XML file, the contents of which are in the KB article.

I haven’t tried this approach yet, but I believe the key here is to not let the 60 days elapse! The article makes serveral references to performing the rearm’s “just before the end of …” each 60-day period.

I’ll have a closer look over the weekend and do a follow up post with the results.

As Microsoft’s 3rd Law of security states, if you have physical access, then it’s not your box anymore. And this is just another good reason why physical security is one layer in your security policy. You do have a multi-layered security policy don’t you?

Really, this comes down to, why MS:

1. Give an anonymous console user the ability to kick of a SYSTEM level process. DOH!
2. Not having the GINA validate what it is launching.
3. Having this as the default and not an option. DOH! Again!
4. SYSTEM Full Control over the Active Directory – Priceless!

Windows Server 2008 is moving in the right direction, they are reducing attack surfaces out-of-the-box and producing a more secure, leaner OS, which is great. I guess they missed this one ….

The post is well worth a read, cheers Dean :)

However, I stumbled across this page on the Microsoft website which, if you haven’t seen yet, might be of interest.