Windows Source Code Leak? - P2P-Zone

Kris404 · 12-02-04, 07:26 PM

http://news-content.search.com.com/search?nodeid=7349
http://www.eweek.com/article2/0,4149,1526390,00.asp
http://www.infoworld.com/article/04/...croleak_1.html

Microsoft probes possible Windows source code leak

By Joris Evers, IDG News Service February 12, 2004

Microsoft is investigating rumors that the secret code underlying its Windows NT and Windows 2000 operating systems has leaked out and is available on the Internet, a company spokeswoman said Thursday.

The supposed leak was reported by Microsoft enthusiast Web site Neowin.net, which called it "shocking and potentially devastating news." The source code of the two OSes (operating systems) are rumored to be spreading on a peer-to-peer file-sharing network as well as on IRC (Internet relay chat).

"The rumor regarding the availability of Microsoft source code is based on the speculation of an individual who saw a small section of unidentified code and thought it looked like Windows source code. Microsoft is looking into this as a matter of due diligence," the spokeswoman said.

IDG News Service was shown Web pages that appear to contain a directory listing of the packages of Windows 2000 and Windows NT source code, as well as some actual source code that appears to be part of the Windows NT Task Manager. The contents of the pages could not immediately be verified.

If the source code for Windows 2000 and Windows NT has indeed been leaked, the ramifications would be far reaching. A breach of the code could expose users to an increase in cyberattacks because it would make it easier for hackers to find holes in the operating systems that they can exploit. It would also mean that Microsoft's closely guarded intellectual property is now out in the open, said Joe Wilcox, a Washington, D.C.-based Jupiter Research senior analyst.

"I would consider it fairly unlikely that the Windows 2000 and Windows NT source code has leaked. However, if any source for either operating system were to leak on the Internet it would be devastating for Microsoft," he said.

This would not be the first time that Microsoft faced a leak of its source code. In 2000 it confirmed that outsiders had accessed some of the code underlying a version of Windows as well as Office.

I haven't come across these files either on IRC or P2P networks so far. And if the said source is authentic, boy were in for a rough ride.

pod · 12-02-04, 11:15 PM

Quote:

Originally posted by Kris404
The rumor regarding the availability of Microsoft source code is based on the speculation of an individual who saw a small section of unidentified code and thought it looked like Windows source code.

Riiiiight....

ranger121 · 16-02-04, 01:34 PM

Have a look, if you can find it...

Source

Windowsbeta.Net has noticed that the Windows 2000 Source Code is spreading wild over the internet. Here are some info:

Filename: Windows.Source.Code.w2k.nt4.wxp.tar
Size: 195 MB
Source File List: here

Windowsbeta.net does NOT encurage people to download the source. Downloading the source is illegal.

TankGirl · 16-02-04, 02:23 PM

It seems that the first exploit based on findings from the leaked source code has already been created.

- tg

Kris404 · 16-02-04, 03:44 PM

Yup, that's the first of many to come(?). And I myself know many people still running IE5. It's fairly easy for an attacker to send an email with a bmp attachement and the user with preview mode on by default, could inadvertently open it in Outlook Express (which uses the IE rendering engine). Pw3n3d.

And you won't even believe the kind of things people do by the way of handling attachments. Just the other day, I was on the phone with this dude that downloaded a malware exe from Yahoo! webmail on to the desktop, from an entirely unknown source, merrily double clicked and watched the fireworks fly.

pod · 16-02-04, 04:17 PM

Included is source to Winsock, which means we can probably expect all kinds of low level network exploits (if there are any holes that is), not just the relatively cheesy BMP loader exploit that is currently floating around. Amusing how quickly these exploits are coming; MS had years and years to look at their code, and they are always saying how secure Windows is. Yeah, we'll see about that.

12-02-04, 07:26 PM	#1
Kris404 How may I help you? Join Date: Jun 2002 Location: Los Angeles, CA, USA Posts: 210	Windows Source Code Leak? http://news-content.search.com.com/search?nodeid=7349 http://www.eweek.com/article2/0,4149,1526390,00.asp http://www.infoworld.com/article/04/...croleak_1.html Microsoft probes possible Windows source code leak By Joris Evers, IDG News Service February 12, 2004 Microsoft is investigating rumors that the secret code underlying its Windows NT and Windows 2000 operating systems has leaked out and is available on the Internet, a company spokeswoman said Thursday. The supposed leak was reported by Microsoft enthusiast Web site Neowin.net, which called it "shocking and potentially devastating news." The source code of the two OSes (operating systems) are rumored to be spreading on a peer-to-peer file-sharing network as well as on IRC (Internet relay chat). "The rumor regarding the availability of Microsoft source code is based on the speculation of an individual who saw a small section of unidentified code and thought it looked like Windows source code. Microsoft is looking into this as a matter of due diligence," the spokeswoman said. IDG News Service was shown Web pages that appear to contain a directory listing of the packages of Windows 2000 and Windows NT source code, as well as some actual source code that appears to be part of the Windows NT Task Manager. The contents of the pages could not immediately be verified. If the source code for Windows 2000 and Windows NT has indeed been leaked, the ramifications would be far reaching. A breach of the code could expose users to an increase in cyberattacks because it would make it easier for hackers to find holes in the operating systems that they can exploit. It would also mean that Microsoft's closely guarded intellectual property is now out in the open, said Joe Wilcox, a Washington, D.C.-based Jupiter Research senior analyst. "I would consider it fairly unlikely that the Windows 2000 and Windows NT source code has leaked. However, if any source for either operating system were to leak on the Internet it would be devastating for Microsoft," he said. This would not be the first time that Microsoft faced a leak of its source code. In 2000 it confirmed that outsiders had accessed some of the code underlying a version of Windows as well as Office. I haven't come across these files either on IRC or P2P networks so far. And if the said source is authentic, boy were in for a rough ride.

16-02-04, 01:34 PM	#3
ranger121 Vos vestros servate, meos mihi linquite mores. Join Date: Jul 2000 Posts: 2,795	Have a look, if you can find it... Source Windowsbeta.Net has noticed that the Windows 2000 Source Code is spreading wild over the internet. Here are some info: Filename: Windows.Source.Code.w2k.nt4.wxp.tar Size: 195 MB Source File List: here Windowsbeta.net does NOT encurage people to download the source. Downloading the source is illegal. __________________

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

16-02-04, 02:23 PM	#4
TankGirl Madame Comrade Join Date: May 2000 Location: Area 25 Posts: 5,587	It seems that the first exploit based on findings from the leaked source code has already been created. - tg

16-02-04, 03:44 PM	#5
Kris404 How may I help you? Join Date: Jun 2002 Location: Los Angeles, CA, USA Posts: 210	Yup, that's the first of many to come(?). And I myself know many people still running IE5. It's fairly easy for an attacker to send an email with a bmp attachement and the user with preview mode on by default, could inadvertently open it in Outlook Express (which uses the IE rendering engine). Pw3n3d. And you won't even believe the kind of things people do by the way of handling attachments. Just the other day, I was on the phone with this dude that downloaded a malware exe from Yahoo! webmail on to the desktop, from an entirely unknown source, merrily double clicked and watched the fireworks fly.

16-02-04, 04:17 PM	#6
pod Bumbling idiot Join Date: Feb 2002 Location: Vancouver, CA Posts: 787	Included is source to Winsock, which means we can probably expect all kinds of low level network exploits (if there are any holes that is), not just the relatively cheesy BMP loader exploit that is currently floating around. Amusing how quickly these exploits are coming; MS had years and years to look at their code, and they are always saying how secure Windows is. Yeah, we'll see about that.