A notorious hacking collective known as Massgrave has unveiled what experts consider a groundbreaking method to permanently activate most Microsoft products, effectively bypassing the company's digital rights management (DRM) system.
The group recently released version 3.0 of their Microsoft Activation Scripts (MAS) project, introducing a new technique called "TSforge Activation." This method reportedly works with Windows versions from Windows 7 onward, including Server editions, and Office versions from 2013 to 2024.
According to details shared by Massgrave, TSforge exploits Microsoft's Software Protection Platform (SPP) by manipulating two key system files - data.dat and tokens.dat - which store product activation information. By injecting forged data into these stores, the tool tricks the system into accepting unauthorized product keys.
The hackers claim their tool can also enable users to receive Windows 10 security updates beyond the October 2025 end-of-support date through methods similar to those previously used for Windows 7.
In an unusual turn of events, Massgrave praised Microsoft's modern SPP system as well-designed and advanced, particularly when compared to older Windows XP DRM implementations. The group maintains that their toolkit, hosted on GitHub (which Microsoft owns), should not be considered piracy but rather an "alternative activation method."
The hackers allege that even Microsoft support staff occasionally use their tools when conventional activation methods fail, though these claims remain unverified.
Despite the potentially serious implications of this security bypass, Microsoft has not yet publicly addressed the release of this activation tool or its widespread availability.