No Rumor: Windows Source Code Loose on the Net

 
 
By Dennis Fisher  |  Posted 2004-02-12
 
 
 
Microsoft Corp. officials confirmed late Thursday that a portion of the source code for Windows NT and Windows 2000 has been posted on the Internet. The company said it did not believe the posting was the result of a security breach, which means that it is likely that someone who had a legitimate copy of the code is responsible for the leak.

"On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. Its illegal for third parties to post Microsoft source code, and we take such activity very seriously," the company said in a statement. "We are currently investigating these postings and are working with the appropriate law-enforcement authorities. At this point it does not appear that this is the result of any breach of Microsofts corporate network or internal security. At this time there is no known impact on customers."

Having even small portions of the Windows source code freely available online is a nightmare scenario for Microsoft. The potential for piracy is lessened somewhat by the fact that a complete copy of the code isnt available. However, experts say that the real concern at this point is the damage that could be done by crackers who find unknown vulnerabilities in the code.

"Vulnerabilities in Windows NT and Windows 2000 will likely be much easier to discover and exploit now that the source code has been leaked to the Internet. This has increased the threat level for anyone using Microsoft Windows 2000 or NT, causing organizations to step up security measures and embrace predictive and rapid response intelligence systems," said Ken Dunham, malicious code manager at iDefense Inc., based in Reston, Va.

Dunham also said that the code was spreading quickly in the cracker underground.

Several tech sites, most notably Slashdot, had message threads reporting that the code had leaked and speculation was rampant on how the alleged leak may have happened.

The potential economic damage to the company would be incalculable. The Windows code is Microsofts main intellectual property asset and is the basis for its ability to dominate the desktop OS market.

The tech site Betanews.com said late Thursday that it had looked at the code in question. Click here to read more about train of events leading up to the online report and the downloaded code.

Interestingly, the inquiry into the alleged leak is being handled by the companys Shared Source Initiative, not Microsofts security personnel. The Shared Source program was set up to give customers, partners and governments access to some of the Windows source code.

To read more about the recent expansion of the Shared Source Initiative, click here.

Although Windows NT and Windows 2000 are older operating systems, they are much more widely deployed than Windows Server 2003, the newest version of the companys flagship product.

If some or all of the source code is indeed available online, crackers would have a field day poring over the code and probing for vulnerabilities, which could then be used to attack the millions of machines running those operating systems.

Editors Note: This story was updated to include Microsofts confirmation of the leak.

Rocket Fuel