Slashdot Mirror

← Back to Stories (view on slashdot.org)

32TB of Windows 10 Internal Builds, Core Source Code Leak Online (theregister.co.uk)

Posted by BeauHD on from the treasure-hunt dept.

According to an exclusive report via The Register, "a massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online." From the report: The data -- some 32TB of installation images and software blueprints that compress down to 8TB -- were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been exfiltrated from Microsoft's in-house systems since around March. The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code. Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels. In addition to this, hundreds of top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have been leaked along with copies of officially released versions.

8 of 201 comments (clear)

  1. Neat. by Anonymous Coward · · Score: 5, Interesting

    Maybe it tells us the secret to shutting down a laptop using ACPI in a way that doesn't drain the battery dead 2 hours after it "powers off" using Linux

  2. I know it was you Comey. Horrible. Horrible. by Anonymous Coward · · Score: 5, Funny

    Really very, very horrible. Really horrible. Very very not good at all, let me tell you. Leakers on any media, horrible. Don't watch that video.

  3. Oh no, security problems might be found! by Anonymous Coward · · Score: 5, Insightful

    Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide.

    You mean like.. BSD and Linux? Sounds like the way it should be -- the security by obscurity fad faded a long time ago.

  4. Telemetry by OtisSnerd · · Score: 5, Interesting

    Maybe now we'll be able to find out what the telemetry actually sends back to MS and the three-letter agencies. It would also be nice for some to develop a way to completely kill it.

  5. Re:32 TB? by haruchai · · Score: 5, Funny

    How much is it if you skip all the #ifdef BUGS sections?

    That compiles down to 640k, just enough for everybody

    --
    Pain is merely failure leaving the body
  6. Betaarchive admin official statement by ark1 · · Score: 5, Informative

    https://www.betaarchive.com/fo...

    Seems The Register story may not be accurate, or if you prefer FAKE NEWS!

  7. Re: 32TB? by cyber-vandal · · Score: 4, Funny

    Better not use Linux or FreeBSD. I hear they let anyone look at the source.

  8. Winbeta themselves have refuted almost everything by Artem+S.+Tashkinov · · Score: 4, Informative

    Source

    The Register article has got BetaArchive a fair amount of attention this evening. They claim, and I quote âoe32TB of Windows 10 internal builds, core source code leak onlineâ.

    First of all let us clear up a few facts. The âoeShared Source Kitâ folder did exist on the FTP until this article came to light. We have removed it from our FTP and listings pending further review just in case we missed something in our initial release. We currently have no plans to restore it until a full review of its contents is carried out and it is deemed acceptable under our rules.

    The folder itself was 1.2GB in size, contained 12 releases each being 100MB. This is far from the claimed âoe32TBâ as stated in The Registerâ(TM)s article, and cannot possibly cover âoecore source codeâ as it would be simply too small, not to mention it is against our rules to store such data.

    At this time all we can deduct is that The Register refers to the large Windows 10 release we had on March 24th which included a lot of Windows releases provided to us, sourced from various forum members, Windows Insider members, and Microsoft Connect members. All of these we deemed safe for release to BetaArchive as they are all beta releases and defunct builds superseded by newer ones, and they were covered under our rules.

    If any of this should change we will remove these builds from the FTP and we will happily comply with any instructions to do so by Microsoft.

    With regards to the BBC article http://www.bbc.co.uk/news/tech... about two Britons that have been arrested following an alleged Microsoft hack, we donâ(TM)t believe there is any connection with this alleged âoeWindows 10 core source code leakâ.

    Update 09:58 GMT 24/06/2017 A spokesperson for Microsoft contacted The Register and said: "Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners."