Windows 10 Source Code Leak Raises Security Concerns.
Confirmed by Microsoft on Friday night, the leak contains source code to the base Windows 10 hardware drivers plus Redmonds PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code. With that information, a hacker can hunt for vulnerabilities within some of the most trusted levels of the operating system. The code also reportedly contains the private debugging symbols that are normally stripped from public releases. These symbols give programmers extra information about which functions and data a piece of code is calling.
The data dump was reported to be 32 TB large, but BetaArchive says that the source code was just 1.2GB in size. BetaArchive has removed files from its servers — The Register posted screenshots for the sake of posterity. The Verge claims that a lot of the data has been around for a long time. The fact that BetaArchive administrators say that they were not forced by Microsoft to remove the code could indicate that this leak is not as significant as it seems.
But there is more for the software giant to worry about. The Register also claims that it is believed that the leak came from a breach of Microsofts in-house system that occurred in March. Ars Technica confirms that it received unconfirmed accounts that the Microsoft build systems were indeed hacked that month.
For Microsoft, this is another worrisome issue with cybersecurity following several months of recurring incidents. It comes right on the heels of the debunking of its claim that no known ransomware can run on Windows 10 S.