13 Feb 2004
Microsoft's source code illegally published on web, Sophos comments
According to media reports, Microsoft has admitted that parts of
its source code for its Windows NT and Windows 2000 operating
systems have been posted on the internet. Microsoft, like many
software vendors, has closely guarded its code, only sharing it
with carefully selected parties under nondisclosure agreements.
This leak has raised security concerns about hackers or virus
writers using this information to develop malware. Microsoft
Windows represent the most popular platforms in the world, so
security threats which run on Windows often affect the largest
number of computer users.
A statement issued by Microsoft yesterday, which said "At this
time there is no known impact on customers. We will continue to
monitor the situation."
"Microsoft code runs into the millions of lines, and, when
compiled, work together to create the tools and systems we use,"
said Carole Theriault, security consultant at Sophos. "Without
having seen the code, we can't know for certain whether this leak
raises any security issues. But this type of activity is yet
another reason why people must keep their computer security up to
date against the latest threats."
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.