In what may prove to be a massive cybersecurity hazard in the long run, a large amount of internal Microsoft data about Windows 10 has been leaked online.
The files, found on BetaArchive, contain 8TB of compressed data that comprise of 32TB of internal builds for Windows 10 and Windows Sever 2016 and even software blueprints. This is believed to contain the code for Shared Source Kit, which includes the source for Windows 10's hardware drivers alongside PnP code, USB and Wi-Fi stacks, storage drivers, and ARM-specific OneCore kernel code.
All of these are critical systems for the operating systems and with their code available in plain sight to malicious parties; the massive leak, which is believed to have been taken from Microsoft's own systems, could prove devastating for the security of the OS in the future.
Alongside the source code were several as-yet unreleased builds for Windows 10, which included troubleshooting, testing and debugging tools used by Microsoft internally. Then, there's the Windows 10 Mobile Adaptation Kit, which seems to be an unannounced toolset designed at enabling Windows 10 to run on mobile devices.
The data seems to still be accessible to individuals with access to the private servers at BetaArchive and has been termed by some as being even bigger than the Windows 2000 source code leak back in 2004.
Update: The Register has claimed, with the following serving as proof, that BetaArchive is removing the confidential Microsoft files found on its servers, citing the apparent removal of the Shared Source Kit as an example:
Windows 10 leak: Beta Archive has removed the private MS files from its FTP. Here’s examples of non-public stuff that was dumped online pic.twitter.com/WULYM7me7U— The Register (@TheRegister) June 23, 2017
An administrator at BetaArchive has now commented on the story, acknowledging that a folder entitled Shared Source Kit did exist but has been removed for further review, though they did also question the accuracy of many of the claims contained within the story. His full statement is as follows:
First of all let us clear up a few facts. The “Shared Source Kit” folder did exist on the FTP until this article came to light. We have removed it from our FTP and listings pending further review just in case we missed something in our initial release. We currently have no plans to restore it until a full review of its contents is carried out and it is deemed acceptable under our rules.
The folder itself was 1.2GB in size, contained 12 releases each being 100MB. This is far from the claimed “32TB” as stated in The Register’s article, and cannot possibly cover “core source code” as it would be simply too small, not to mention it is against our rules to store such data.
At this time all we can deduct is that The Register refers to the large Windows 10 release we had on March 24th which included a lot of Windows releases provided to us, sourced from various forum members, Windows Insider members, and Microsoft Connect members. All of these we deemed safe for release to BetaArchive as they are all beta releases and defunct builds superseded by newer ones, and they were covered under our rules.
If any of this should change we will remove these builds from the FTP and we will happily comply with any instructions to do so by Microsoft.
With regards to the BBC article https://www.bbc.co.uk/news/technology-40366823 about two Britons that have been arrested following an alleged Microsoft hack, we don’t believe there is any connection with this alleged “Windows 10 core source code leak”.
Microsoft has now issued the following statement:
Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners.
Source and image: The Register