Red Hot Cyber, il blog italiano sulla sicurezza informatica
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Italian Spanish
Search
320x100 Itcentric
Enterprise BusinessLog 970x120 1
Microsoft Blocks KMS38 Activation Method for Windows 10 and 11

Microsoft Blocks KMS38 Activation Method for Windows 10 and 11

Redazione RHC : 23 November 2025 13:39

Users noticed that last week Microsoft developers disabled the offline activation method for Windows 11 and 10 via KMS38, which has been used by hackers around the world for years. However, the official release notes don’t mention these changes.

KMS38 was developed by enthusiasts from the Massgrave project ( MAS, Microsoft Activation Scripts ), known for its repository of unofficial tools for activating Windows and Office .

The essence of this activation method was to trick the system file GatherOSstate.exe ( a utility that determines whether the current system is eligible for an upgrade ), extending the Key Management Service ( KMS ) activation period from the usual 180 days to January 19, 2038 .

Setting a more distant date was prevented by the year 2038 (Y2K38) problem.

The fight against KMS38 began almost two years ago.

The first signs appeared in January 2024, when gatherosstate.exe disappeared from the Windows 26040 installation image. This meant that during major upgrades and reinstallations, the system would reset the activation grace period , forcing the user to reconnect to the KMS server.

However, the final blow to KMS38 came with the optional Windows 11 update KB5067036, released in October 2025. In this update, Microsoft completely removed the GatherOSstate feature, and after November’s Patch Tuesday (KB5068861 and KB5067112) , KMS38 finally stopped working.

Massgrave developers have confirmed that this method no longer works. In the latest version of MAS 3.8, KMS38 support has been completely removed.

Massgrave recommends users to use alternative methods: HWID (hardware ID) and TSforge, which also work.

It’s worth noting that in 2023, it emerged that Microsoft support engineers themselves sometimes resort to Massgrave’s Windows activation solutions.

Furthermore, it has been repeatedly emphasized that Massgrave’s tools are open source and that the project files have long been available on Microsoft’s GitHub . However, the company takes no action against crackers.

Immagine del sitoRedazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli