According to media reports, Microsoft has admitted that parts of
its source code for its Windows NT and Windows 2000 operating
systems have been posted on the internet. Microsoft, like many
software vendors, has closely guarded its code, only sharing it
with carefully selected parties under nondisclosure agreements.
This leak has raised security concerns about hackers or virus
writers using this information to develop malware. Microsoft
Windows represent the most popular platforms in the world, so
security threats which run on Windows often affect the largest
number of computer users.
A statement issued by Microsoft yesterday, which said "At this
time there is no known impact on customers. We will continue to
monitor the situation."
"Microsoft code runs into the millions of lines, and, when
compiled, work together to create the tools and systems we use,"
said Carole Theriault, security consultant at Sophos. "Without
having seen the code, we can't know for certain whether this leak
raises any security issues. But this type of activity is yet
another reason why people must keep their computer security up to
date against the latest threats."
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.