Windows code leak on Internet worries Microsoft, could further erode ‘security’ of Windows

“Microsoft Corp. says incomplete portions of the source code for some versions of its Windows computer operating system were leaked over the Internet, but analysts caution it’s too early to say how much damage the leak may cause,” Allison Linn reports for The Associated Press. “Microsoft spokesman Tom Pilla said Thursday that some pieces of source code – the tightly guarded blueprint of its dominant computer operating system – for its Windows 2000 and Windows NT4.0 operating systems had been ‘illegally made available on the Internet.”’

“Access to the source code could allow hackers to exploit the operating system and attack machines running some versions of Windows. Several versions of the operating system, including the ones containing leaked code, are used on hundreds of millions of computers worldwide. Such access could also provide a competitive edge to Microsoft rivals, who would gain a much better understanding of the inner workings of Microsoft’s technology,” Linn reports.

“But analysts and security experts cautioned that it was hard to assess any potential damage the leak could cause, since so few details were available. ‘Frankly, I’m not sure anybody can fully assess that, other than Microsoft,’ said Al Gillen, research director for systems software at research group IDC. The leak could potentially put more Windows users at risk because it opens the door to more people finding vulnerabilities in Microsoft’s code – and using them in malicious ways, Maiffret said. That could, in turn, wreak havoc on Microsoft’s ability to respond with fixes in a controlled manner,” Linn reports.

Full article here.

64 Comments

  1. Hey, now M$ can claim they have the most secure OS since millions of internet users have been able to go over their code! ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

    Anyway, now they won’t be able to wait 6 months to release patches!

  2. Apparently a judge has ruled that Microsoft does not own exclusive rights to the the word “Windows”. (See Linus and Lindows.)

    Bill Gates subsequently announced that, to ensure brand name recognition, from now own the Microsoft operating system will be renamed “Petri Dish”.

    Special offers now available for pathologists.

  3. “The leak could potentially put more Windows users at risk because it opens the door to more people finding vulnerabilities in Microsoft’s code – and using them in malicious ways.”

    I love the way they just assume that everyone is going to be malicious with the code. Windows could actually become slightly more secure because of this leak. Let’s face it, if the vulnerabilities are there, someone would have found them sooner or later.

  4. Well, Dave, if you were malicious and wanted to create the next mydoom, I’m sure you would be very interested in any snippets of the source you could get.
    I’m also sure M$ will be pouring over this code intensely to make sure there’s nothing to exploit, or if there is, to release an out-of-cycle patch. Just imagine the nightmare if someone where to release an exploit in to the wild first! No protection, widespread corporate network failures etc.

  5. Since we live in an environment redolent in windows I think this is actually bad news even for us Mac Users in the short run. I have experienced some slow downs and inconvience as windoze nodes in the web fall prey to virii or spew out tens of thousands of emails.

    We can just hope that enough windozers see the light and switch to a more secure system before the shiite hits the fan. Unfortunately it seems to be human nature to wait til things are really fracked up before they wake up and finally do something about it.

  6. My worry now is microsoft pulling and SCOG. the code leak, the next version of Samba(OS X uses Samba to connect to windows) is contamiated, cause the code is Identical( not hard for ms to change their code)

  7. In a statement Microsoft said, “It’s illegal for third parties to post Microsoft source code, and we take such activity very seriously. We are currently investigating these postings, and are working with the appropriate law enforcement authorities.”

    It’s illegal? Really? Oh no! Better tell the hackers, perhaps thay don’t realise…

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.