Windows 8 Build 7861.0.fbl grfx dev1.101013-1700：修订间差异

=== Leak prevention ===

A near-final implementation of the [[Windows Fingerprinting Service]] has been added through the addition of a dedicated fingerprinting blob in the system, displayed on the desktop [[水印|watermark]] and the [[Winver|Version Reporter Applet]] by shell library <code>shell32.dll</code>. The fingerprint is directly appended at the end of the <code>BuildLab</code> string (queried from registry key <code>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion</code>) in the form of a build hash (officially named the "EULA hash"), computed by splitting the WFS blob into 8 arrays of 16 bytes and XORing each of the 16 bytes together. The EULA hash can then be derived in order to source build leaks to existing Microsoft affiliates; the visibility of the EULA hash and the confidentiality warnings depend on the presence of certain compiler flags.

Fingerprinting data is now stored in the registry key <code>HKLM\SYSTEM\WPA\478C035F-04BC-48C7-B324-2462D786DAD7-5P-9</code>. The registry key must exist in the Windows install, or the operating system will either refuse to boot or non-deterministically [[蓝屏死机|bugcheck]] with codes <code>KERNEL_SECURITY_CHECK_FAILURE</code> (during boot) or <code>CRITICAL_STRUCTURE_CORRUPTION</code> (if the periodic WFS check during runtime fails). Furthermore, most parts of the fingerprint data are now encrypted, and therefore require reverse engineering efforts to decode and extract the relevant information.