No, modifying the DLLs that come with Windows is not supported

From the I can't believe I had to write that file comes this question from a customer:

Our customer is modifying the ABC.DLL file that comes with Windows in order to accomplish XYZ. Is this supported?

No, of course this isn't supported. I can't believe I had to write that. if you modify a system file, then the thing you're running isn't Windows any more but is rather some sort of operating system that resembles Windows in many significant ways.

(Imagine the extreme case of this: The customer modifies NTOSKRNL.EXE, KERNEL32.DLL, USER32.DLL, etc. so that they happen to be byte-for-byte identical to the files that shipped with Windows 2000. Does this mean that Microsoft supports Windows 2000?)

The customer is just looking for an official Microsoft statement that this is not supported. They know that it's a bad idea, but their client wanted to have this feature, so when the customer tells the client "No, we can't do this," they need some sort of justification.

Oh, I see now. The customer is chicken and wants Microsoft to be the bad cop when they deliver unfavorable news to their client.

My fear is that the company, by being spineless, is now subject to manipulation from their client. "What, you're not going to let big old Microsoft tell you what you can and cannot do, are you? Be a man! Implement the feature!" And then the company will buckle under the pressure and implement the feature anyway.

And then when the feature stops working at the next security hotfix (or worse, when security hotfixes stop working because you modified the file), the client will complain back to the customer, who will defensively say, "Um, yeah, stupid Microsoft broke the XYZ feature of our product. Bad! Bad Microsoft!" Or maybe the customer's plan is to change their name and move to another country so the client can't find them when everything falls apart.

Comments (47)
  1. alegr1 says:

    I suggest someone makes a website: "IT Customers ask darndest things"

  2. Guillaume says:

    Chances are that's not the real question. Maybe they just don't know how there is an API for what they _really_ want to do, somewhere.

    I was recently asked to hack (inject a DLL in) LogonUI.exe to add a tile to the secure desktop. When I showed them the credential provider samples I already had built, they said : "Nice, but how can you be sure Microsoft won't deprecate that someday, just like the GINA ?"

    [I guess they figure it's much safer just to start with the unsupported technique right off the bat rather than take the chance that the documented method may someday become unsupported. You know, get all the risk up front. -Raymond]
  3. Debsuvra says:

    Well, Windows is not known as a open source software. So prohibition of modifying system file is a no-brainer.

  4. Gary Glasscott says:

    To be fair, most legal documents also include a good chunk of "I Can't Believe I Have to Say This But…" clarifications.  The software industry isn't alone in this – customers everywhere are both clueless and necessary.  Much like chickens.

  5. Gabe says:

    I've had a client like that. They never believed it if I said something was impossible. I never thought to ask MS for proof, though.

  6. D-Coder says:

    I read about a guy who had a solution to customers like this.

    He would say, "That will cost a million dollars."  If they didn't flinch, he would then say, " — for the first phase."

  7. pc says:

    I am curious whether Raymond actually keeps a "I can't believe I had to write that" file, and if so, how large it has become.

  8. Anonymous Coward says:

    On the other hand, a lot of people I know have patched their uxTheme DLL.

    If it's the only way to accomplish your goal, then doing something unsupported is the right thing to do.

  9. Falcon says:

    @Anonymous Coward: Of course, if you decide that it's the right thing to do FOR YOU, then you need to be prepared to support the solution yourself, since the vendor will not. Imposing such hacks on others – who may not be willing to deal with the consequences, or even aware of the situation – would be quite irresponsible, however.

    The term "unsupported" by definition revokes your right to complain.

  10. jader3rd says:

    I've been surprised with the online comments about Windows 8 where people are saying "Why won't Microsoft give direction on X?" when what they're looking for was generally answered by Steven Sinofsky's keynote. It's like they expect every little detail to be its own huge press release.

  11. kmeisthax says:

    This is not only just unsupported, it's illegal. If they want to make critical modifications to system files they should migrate to an OS that legally supports that.

  12. blah says:

    Raymond, I don't think you have a fair right to call any other company spineless.

  13. Joshua says:

    It's going to continue to happen.

    If you get people modifying system DLLs, start asking yourself why. There's probably no supported way to do what they are trying to do.

    One time I saw someone shipping out this patch that closed a security hole that was being actively exploited and the security patch wasn't available yet.

    I've seen both sides of the fence here. Sometimes what they're doing is really stupid  (e.g. changing the boot logo, injecting monitor into SSL library, homebrew file encryption by modifying CreateFile, ReadFile, WriteFile !!).

    Sometimes what they're doing is a license violation. Sometimes that needs to be stopped. Sometimes Microsoft would be better off selling the equivalent product that the patch makes (Windows Vista patched to Terminal Server behaves a lot better than a real Terminal Server!).

    Sometimes well it's just different. Somebody applied hexedit to wordpad to change the default file extension to .asm. Somebody else removed the WriteFile call that prepends the UTF-8 BOM when notepad writes out a UTF-8 file. I don't know what to make of these cases.

  14. Jules says:

    @kmeisthax: in what way illegal?  Sure, it might be a violation of MS's EULA, but doing so isn't actually illegal.  MS can sue me if they want (I'm running XP SP2 with a modified TCPIP.SYS that has the half-open connection limit increased, FYI).

  15. Matt says:

    You'd be surprised how many times I've bothered a company for the same reason.  Except it was my own, or my manager's pressure and curiosity over anything else.  It's much more likely that the developer really knew it was a terrible idea for the reasons you cite, but that their client was just being annoying and needed an exhaustive answer, like my manager.  A lot of people just won't accept "no way, dude," as an answer.  Good?  Bad?

  16. Mike says:

    If I want a definitive answer about a product I will ask the manufacturer. I don't see any problem with that and it isn't in any way "spineless" or something.

  17. Doug says:

    @"I suggest someone makes a website: 'IT Customers ask darndest things'"

    This might be the closest match:

  18. DWalker says:

    I like that comment: "some sort of operating system that resembles Windows in many significant ways".  

    Just today, I was at a computer hardware site to buy something.  They had a standard disclaimer about "fraudulent activity" (likely related to using stolen credit card numbers, or something).  Then their disclaimer said "Seriously, we have busted people".  I liked that wording — it gets your attention.

  19. MikeCaron says:

    @blah: You tell him about spinelessness, whoever you may be!

    @Jules: <IANAL>You're confusing legal with enforceable. Yes, it is illegal to knowingly violate the terms of a license agreement, and then continue to use the software. However, much like jaywalking, it's quite improbable that anyone will care in this specific case.</IANAL>

  20. ChuckOp says:

    For the MSAA SDK v1.0 we (accessibility folks within Windows; Laura B, Peter W, myself and others) shipped modified versions of USER.EXE and USER32.DLL.  This was in the days prior to digital signing and all the important release steps that must happen for out-of-band releases.  Not so much modified but rebuilt components (a huge difference), but even in those wild days, it felt wrong.  Since it was done by Microsoft and not a third-party, it's not like the scenerio Raymond describes.

  21. cheong00 says:

    @pc: I'd also think that it makes interesting category on this blog… :P

  22. xpclient says:

    Urrgh I hate tweaks and hacks which modify system files. Floating all over sites like Deviantart and other communities. But sometimes you just HAVE to patch system files because Microsoft refuses to fix critical bugs that sometimes prevent your apps from running. Like this 16-bit subsystem bug:

  23. Anonymous Coward says:

    @Falcon: Agreed, but I'm also coming at it from the perspective of an application developer. Some modifications are so common that I have to support them.

    @Joshua: > … really stupid  (e.g. changing the boot logo …

    Wanting to change the boot logo is perfectly natural and can be done quite safely using /bootlogo in boot.ini.

  24. Worf says:

    @Joshua: I hope you pointed that guy trying to homebrew encryption into doing it as a filter – after all, Microsoft provided that interface for that reason…

  25. Jules says:

    @Mike Caron: No, I'm not.  Please point me to a law that makes it an offence to modify software without the permission of its copyright holder.

    Yes, it would be illegal to make copies of such software, as in order to do so you need the permission of the copyright holder.  But the act of modifying it doesn't seem to be illegal as far as I can see.

  26. cheong00 says:

    > And then the company will buckle under the pressure and implement the feature anyway.

    Don't be surprised that there's already bunch of spineless PM approving those features in the wild. In fact I've seen once when debugging in one of my previous employer's client site.

    > Or maybe the customer's plan is to change their name and move to another country so the client can't find them when everything falls apart.

    Most likely they'll just jump ship whenever they heard a new version is about to release. (And you wonder why companys tend to struggle upgrade from WinXP even as of now? *chunkle*) Ok, I'm joking. Most likely the customer will tell the software vendor the modified library is their product and they should fix that in the new version of Windows without additional cost (if there's still maintenance contract in place). But as the company is in such a chaoic situation in project management, I suspect the company would not last long enough to meet the next OS version upgrade.

  27. Crescens2k says:


    Contract law. By using Windows, you agree to the EULA and are in a contract. Part of the EULA is

    The software is licensed, not sold. This agreement only gives you some rights to use the features included in the software edition you licensed. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not

    · work around any technical limitations in the software;

    · reverse engineer, decompile or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation;

    So really, it isn't down to Microsoft in this case to prove that what you did is wrong, you broke the contract stated in the EULA. It is down to you to prove what you did is right. If your country provides laws which allows you to do this then there is no issue, but if you are in a country which doesn't provide such laws then the contract takes higher precedence and they can sue you.

  28. dasuxullebt says:

    I wonder what "feature" would require the modification of a Windows-DLL?

  29. Crescens2k says:

    Wait, is it copyright law? I can't remember. Well, either way, one or maybe both of these laws are used to make it illegal to do anything against the EULA.

  30. Deduplicator says:

    As long as we talk about it being illegal, in contrast to extremely ill-advised to modify windows, there are constant battles over which parts, if any, of EULAs are actually binding and legally enforceable.

    Also, there's a raging legal battle over the question of whether software is really licensed or sold, and to which extend, as well as how the exhaustion doctrine plays into manufacturer/user rights and duties.

  31. cheong00 says:

    @Crescens2k: Copyright law is about unauthorized distribution of copyrighted content. If you just modify it yourself but not redistribute it, you can be pretty sure it's not applicable.

    The relevent one is contract law, but even so EULA cannot make you give up rights that explicitly written in the law that cannot be made give up by contract (e.g.: consumer law in some country/region).

    Reverse engineering is explicitly protected by fair use right in law in some places (e.g. U.S.) therefore the statement has to be written in this way in order to avoid having the whole statement revoked. (In contract law, when the contract contains illegal statements, either the statement itself will be voided, or the contract itself will be voided completely.)

  32. TC says:

    Some time ago I was involved in an activity requiring the use of climbing slings. These slings are strong enough to hang cars off. But even just a *two foot* fall on slings of that type, can generate enough force to snap them in half. I knew this, but the people providing the slings did not. I sent them a letter outlining all this, and providing references. Although they made some usage changes, they clearly didn't really believe me.

    So I wrote to a climbing equipment manufacturer to support what I said. Clearly, a climbing equipment manufacturer has more sway (about climbing equipment) than some random person like me. Simiarly, Microsoft has more sway (about Microsoft software and support issues) than some random software develoment company.

    So I'd imagine that the company understood the issue completely – had absolutely no intention whatever of doing what the customer asked – but simply needed someone with more clout than them, to support their position.

  33. voo says:

    @Crescens2k The enforceability of EULAs is a rather interesting topic. E.g. in germany an EULA should only be enforceable if it was agreed upon the sale (i.e. anything that pops up when you install it is void). And even then they are only AGBs (not the slightest idea if there is a similar concept in the US and what it'd be called) and those are subject to the BGB.

    And some parts of the BGB are so general that we'd need some court cases to see how they interpret them.. But businesses seem to try really hard to avoid that it seems.

  34. Crescens2k says:


    Well, I'm a software engineer, I hate the law side of things. But I thought copyright law had something to do with it because it protected the copyright holders rights to license the use of something to protect the intellectual property or something like that. Meh, all of this is messy.


    I would imagine that if you are aware that the software has an EULA (I'm sure all Windows users who would go out and buy it are aware of this), then buying it would be an implicit acceptance of the EULA. Otherwise all you would have to do in Germany to get around being sued is just claim you never agreed to the EULA when you bought it. I don't think all those highly paid lawyers would allow such a thing to happen.

  35. voo says:

    @Crescens2k The provider is obligated to declare the EULA when buying – rather usual when buying online (e.g. you can't download stuff from MSDNA without first agreeing to the EULA), but not so if you buy it in a shop. And obviously the whole notion of an implicit agreement goes against to that.

    Now even if the provider gets that one right, some clauses in your usual EULA would probably have a hard time to confirm to the BGB. But hard to say without more court decisions on that topic. I remember some court case with MS about included windows CDs when buying a PC (they prominently lost), but don't ask me about any details..

  36. Random832 says:

    "<IANAL>You're confusing legal with enforceable."

    The word "enforceable" has two meanings. The rest of the post implies you're saying that it's merely impractical to enforce, while he is claiming there is no legal basis to enforce it [and thus violating it would be legal, except where it prohibits something that's already illegal].

    (I am not a lawyer either)

    Section 117 of copyright law invalidates the original legal theory behind EULAs, that you have to have permission from the copyright holder to be allowed to make 'transient copies' such as in RAM. These days, it's based on contract law.

    "Contract law. By using Windows, you agree to the EULA and are in a contract." No-one would ever claim that by reading a book you agree to a contract. You agree by clicking "I agree", if anything.

    Actually, all of this is completely irrelevant – these arguments are for when an EULA requires you to give up rights you would otherwise have (e.g. supposedly some companies have a EULA clause against publishing negative reviews of their product). Modifying the code, however, violates copyright. And there's no way to argue against that.

  37. KS says:

    Oh — my — god. Thanks for posting the clients from hell link. That made my day*s*.

  38. Daniel Neely says:

    @Voo  I've heard about the German Courts/windows licensing before.  What MS lost from their EULA was the right to prohibit transfering OEM/systembuilder licenses from the system they were installed on to a second system (boxed retail licenses don't have this restriction in the EULA but are priced ~2x as high).

  39. Jules says:

    @Crescens2k — what a lot of people haven't grasped is that violating a contract is not illegal.  The law just specifies that if you do it, the other party to the contract has a right of compensation for the violation, but doesn't go so far as to say that you must not do it.

    @Random832 — what part of copyright law makes modifying the code a violation?  The copyright laws I've read only prevent making copies, and at least when I modified my copy of XP, I did not copy it in order to do so (I merely changed an existing copy that had already been made under the terms of the EULA).

  40. Stolicki says:

    @Jules – 'Subject to sections 107 through 122, the owner of copyright under this title has the exclusive rights to do and to authorize any of the following: […] (2) to prepare derivative works based upon the copyrighted work;' (17 U.S.C. § 106)

  41. cheong00 says:

    The actual problem with EULA is at other place.

    EULA is a contract. I you want a contract to be enforcable, just having the other party to know it exist and signs on it (even if it require signing) is not enough. You have to prove the signee have read the whole agreement and understand the terms before signing it. That's why you have lawyers provided at many place where you have sign documents to explain the terms for you.

    Unfortunately, for most (if not all) shrink-wrapped software, this is not possible. And for most case, the action required for you to "Agree" the EULA happens before you can see it (like by opening the wrap). It's hard to argue the software users have any obligation to accept the EULA before the can even see it. And for those EULA by clicking "Accept" on installers, the software vendors also make no action to ensure the users carefully read it before clicking "Accept". (For those who blindly clicks through the install screen, or those who install by unattended installation with unattended script provided by the others.)

    Unless there's general software EULA that's written into law, that you can assure everyone living in the country is assumed to know it's detail, you can't make software EULA fairly enforcable this way.

  42. 640k says:

    Some installers (IE?) download the eula from manufacturer's site when it's time to show it in the installer wizard. This is wrong on so many levels: It is possible to click accept/next before the downloading is done. Then you are allowed to modify it's dll files. :) Also, the eula isn't garanteed to be consistent between installs, that's illegal in some contries, because the customer must be handed the exact contract which he/she accepts, else it isn't valid.

  43. ender says:

    Hah, speaking of slow-showing EULAs, Adobe Reader has that – the first time you run it, it presents you a big window with Accept/Decline buttons, and if you wait around 5 seconds, the EULA appears, too – but nothing prevents you from clicking Accept on the empty screen.

    And then there are Intel's driver installers, which for some years have been showing "This file should be replaced by the current license file when built." as their EULA (why do I need to accept a license to use my hardware anyway?).

  44. kinokijuf says:

    @ender: and that's why I always install drivers the official way, ie. from infs.

  45. ender says:

    @kinokijuf: sadly, some drivers make that exceptionally hard (I'm looking at you, RaLink). Intel isn't among them, but I really don't mind accepting that non-license.

  46. kinokijuf says:

    Try Uniextract: Works like a nutcracker.

  47. Gabe says:

    Stolicki: Derivative works are copies that you create based on an existing work. If you take a copy of an existing work and modify it, that is still a copy of the existing work and not a derivative work. For example, if you buy a book, nothing you can do to it (rip out pages, highlight portions, scribble in margins) will turn that book into a derivative work.

    Similarly, changing the bits of the Windows copy on your hard drive does not create a NEW copy of Windows; it just modifies the copy you already have. This is perfectly legal, as affirmed by Galoob v. Nintendo when the 9th Circuit agreed with the district court saying "Having paid Nintendo a fair return, the consumer may experiment with the product and create new variations of play, for personal enjoyment, without creating a derivative work." See…/Galoob_v._Nintendo

Comments are closed.

Skip to main content