Microsoft's source code illegally published on web, Sophos comments

February 13, 2004 Sophos Press Release

According to media reports, Microsoft has admitted that parts of its source code for its Windows NT and Windows 2000 operating systems have been posted on the internet. Microsoft, like many software vendors, has closely guarded its code, only sharing it with carefully selected parties under nondisclosure agreements.

This leak has raised security concerns about hackers or virus writers using this information to develop malware. Microsoft Windows represent the most popular platforms in the world, so security threats which run on Windows often affect the largest number of computer users.

A statement issued by Microsoft yesterday, which said "At this time there is no known impact on customers. We will continue to monitor the situation."

"Microsoft code runs into the millions of lines, and, when compiled, work together to create the tools and systems we use," said Carole Theriault, security consultant at Sophos. "Without having seen the code, we can't know for certain whether this leak raises any security issues. But this type of activity is yet another reason why people must keep their computer security up to date against the latest threats."