How Bad Is The Leak Of The Windows 10 Source Code?

Microsoft has confirmed that part of the Windows 10 source code has been leaked online.

The code, which was posted to the Windows enthusiast site Beta Archives, contains parts of the Windows 10 code for Windows 10 drivers related to USB, Wi-Fi, and data storage.

Old Data?

The Register, the site which first reported the leak, claims that the data includes “top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public.” However, a spokesperson for Microsoft told the Verge that the leak in question consists of files which are already available to Microsoft’s partners and original equipment manufacturers.

The Register has also stated that the leak consists of 32TB of data, but that is disputed by the Beta Archives’ owner Andrew Whyman. While his site has since removed the file, Whyman said that the leak only consisted of 1.2GB of data. As Whyman points out, a file of 1.2GB could not contain core source code as there simply isn’t enough room. He also said that sharing the Windows 10 core source code would be a violation of the site’s rules.

It is still unclear where the Register obtained the information regarding a 32TB leak. In his post on the Beat Archives forums, Whyman speculated that they were referring to a leak that occurred on March 24. However, he notes that leak, while large, was deemed safe to publish.

Security Concerns Of The Windows 10 Leak

While there is always the danger of someone obtaining data and using it for malicious purposes, the threat of this leak is fairly low. The bits of source code that were leaked consisted of versions of Windows that had been available to either the public or Microsoft partners for several months now. Despite the trouble caused by WannaCry, which included tools developed by the NSA, Microsoft is generally very careful about keeping its software secure. The issue from WannaCry was that users were relying on old operating systems that had not been updated.

In terms of security vulnerabilities, the main issue is simply not keeping computers updated. Most of the really famous computer exploits occur because hackers are able to discover an old vulnerability that has not been patched on older systems. For reasons we don’t quite understand, there are plenty of people who insist on using outdated versions of Windows well after the expiration date.

We’ll continue to monitor this situation and update this story should new information come to light.