Microsoft has confirmed that a significant chunk of its source code for Windows 10 was posted to a repository called BetaArchive. The exact size of the leak has been disputed, but the data reportedly comes from the Shared Source Kit that Microsoft distributes to trusted partners.
First reported by The Register and confirmed by Microsoft on Friday night, the leak contains source code “to the base Windows 10 hardware drivers plus Redmond’s PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code.” With that information, a hacker can hunt for vulnerabilities within some of the most trusted levels of the operating system. The code also reportedly contains the private debugging symbols that are normally stripped from public releases. These symbols give programmers extra information about which functions and data a piece of code is calling.
The Register claimed the data dump was 32 TB large, but BetaArchive tells The Verge that “the source code was just 1.2GB in size.” BetaArchive has removed files from its servers — The Register posted screenshots for the sake of posterity. The Verge claims that a lot of the data has been around for a long time. The fact that BetaArchive administrators say that they were not forced by Microsoft to remove the code could indicate that this leak is not as significant as it seems.
But there’s more for the software giant to worry about. The Register claims that it’s believed that the leak came from a breach of Microsoft’s in-house system that occurred in March. Ars Technica confirms that it received unconfirmed accounts that the Microsoft build systems were indeed hacked that month.
For Microsoft, this is another worrisome issue with cybersecurity following several months of recurring incidents. It comes right on the heels of the debunking of its claim that “no known ransomware” can run on Windows 10 S.