[0w4u2a]

Or changing the KMS server to a "customised" one that accepts all activation attempts. Much more secure than giving root to kmspico.

Find a proper key for your edition here: https://docs.microsoft.com/en-us/windows-server/get-started/...

slmgr /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX

slmgr /skms kms.digiboy.ir # just an example of many KMS servers that exist

slmgr /ato

[gnu8]

What can the operator of a KMS server do to my computer though?

[0w4u2a]

1. If you use a custom KMS server like that, I don't know what they can do to you. Maybe a KMS server can send arbitrary commands to a client by design? I don't know. Even if it can't, there could be a bug like a buffer overflow in the KMS client that might allow the server to execute code on your client machine. Since you are only supposed to connect your client to Microsoft's KMS server (I don't believe other alternative and supported implementations of the server exist), maybe the client is not as battle-tested and hardened as it should.

2. Installing kmspico requires admin access to your machine. What kmspico does is that it installs a local KMS server which works the same way the remote KMS server I've suggested to use does: it activates everything you throw at it. But as I said it needs admin access to your machine, and it's up to you whether you trust kmspico or not.