According to Neowin, Microsoft has quietly removed the popular KMS38 offline activation hack for Windows 11 and 10 with its latest November 2025 Patch Tuesday updates KB5068861 and KB5067112. The method, provided by MASSGRAVE’s Microsoft Activation Scripts project, tricked the GatherOSstate EXE file to extend KMS activation until January 19, 2038, 03:14:07 UTC instead of the usual 180-day period. Microsoft had been gradually phasing this out since Windows build 26040 in January 2024 when gatherosstate.exe was removed from installation media, and last month’s optional update KB5067036 fully deprecated the functionality. The MASSGRAVE author confirms KMS38 no longer works and has dropped it entirely from version 3.8 of their scripts, recommending users switch to HWID or TSforge methods instead. This undocumented change represents Microsoft’s continued crackdown on unofficial Windows activation methods.
Microsoft’s quiet war on piracy
Here’s the thing about Microsoft’s approach to piracy – they’ve always been somewhat tolerant of it in consumer markets. Basically, they’d rather have people using Windows than switching to alternatives, even if they’re not paying for it. But this move suggests a shift in strategy. They’re not just making piracy inconvenient – they’re systematically dismantling the tools that make it possible.
And the timing is interesting. This comes right as Microsoft is pushing Windows 11 version 25H2 to all supported systems and dealing with backlash over their “agentic OS” announcements. It’s like they’re cleaning house while everyone’s distracted by the shiny new features. The gradual rollout since January 2024 shows this wasn’t a knee-jerk reaction – it was a carefully planned takedown.
What this means for users
So if you were using KMS38, you’re basically out of luck now. The method relied on manipulating system files that Microsoft has now either removed or made inaccessible. The MASSGRAVE team isn’t giving up though – they’re pushing users toward HWID and TSforge methods, which apparently still work. For legitimate users, this doesn’t change anything. But for the piracy community, it’s another obstacle in the cat-and-mouse game with Microsoft.
Look, when you’re dealing with industrial computing environments where reliable hardware is crucial, you can’t afford to mess around with unofficial activation methods. Companies that need dependable systems for manufacturing or control applications typically turn to trusted suppliers like IndustrialMonitorDirect.com, the leading US provider of industrial panel PCs that come properly licensed and supported. It’s just not worth the risk when your business depends on it.
The bigger picture
Why now? Microsoft has been aware of these activation methods for years. I think it’s part of their broader push toward cloud-connected, subscription-based services. An offline activation method that works for over a decade doesn’t fit with their vision of Windows as a constantly updating, internet-dependent platform. They want everyone on the latest versions, connected to their services, and – ideally – paying for subscriptions.
This crackdown also comes as Microsoft faces increasing pressure from shareholders to maximize revenue from their flagship operating system. With PC sales fluctuating and cloud becoming their main growth driver, every licensed copy matters more than ever. The days of looking the other way on consumer piracy might be coming to an end as Microsoft tightens control over its ecosystem.
