A huge trove of Microsoft internal Windows operating system builds and portions of core source code have leaked online. The news was first reported by The Register, the 32TB of official and non-public installation images and Microsoft projects were uploaded to betaarchive.com.
Beta Archive’s administrators remove non-public Microsoft components and builds from its FTP server and its forums.
The data in the leaked dump were likely exfiltrated from Microsoft systems in March, this is one of the biggest leak affecting Windows products.
The leaked code is Microsoft’s Shared Source Kit, it includes the source to the base Windows 10 hardware drivers and Microsoft PnP code, the USB and Wi-Fi stacks, storage drivers, and ARM-specific OneCore kernel code.
Internal builds were created by Microsoft software experts to test their code searching for bugs, it includes private debugging data that are stripped out for public releases.
“First of all let us clear up a few facts. The “Shared Source Kit” folder did exist on the FTP until this article came to light. We have removed it from our FTP and listings pending further review just in case we missed something in our initial release. We currently have no plans to restore it until a full review of its contents is carried out and it is deemed acceptable under our rules.” states an announcement published on betaarchive.com.
“The folder itself was 1.2GB in size, contained 12 releases each being 100MB. This is far from the claimed “32TB” as stated in The Register’s article, and cannot possibly cover “core source code” as it would be simply too small, not to mention it is against our rules to store such data.”
The dump includes top-secret builds of Windows 10 and Windows Server 2016 haven’t been released to the public before.
“Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners.” states a spokesperson for Microsoft.
The leaked software includes prerelease Windows 10 “Redstone” builds and unreleased 64-bit ARM flavors of Windows, and multiple versions of Microsoft’s Windows 10 Mobile Adaptation Kit.
The availability of Windows 10 source code is a gift for cyber security experts that can analyze it searching for security vulnerabilities.
“There are, we think, too many versions now dumped online for Microsoft to revoke via its Secure Boot mechanism, meaning the tech giant can’t use its firmware security mechanisms to prevent people booting the pre-release operating systems.” states The Register.
Recently British Police arrested two men suspected of being the members of a large organization than plans to hack Microsoft Networks. It is still unclear if the event is connected with the “Windows 10 core source code leak”.
(Security Affairs – Microsoft Windows 10, data breach)