Microsoft Leaks: No possibility of leveraging it for serious exploits?

Great portion of Windows 10 source code was leaked last week, with files related to Microsoft’s USB, storage, and Wi-Fi drivers in Windows 10 posted to BetaArchive. But what's the potential damage from the breach, given that BetaArchive has taken down about 1.2TB of the leaked Windows 10 code offline since the original report.

BetaArchive is a fan-portal, which calls itself "the community for beta collectors" that tracks Windows updates, and require donations from its members or a contribution on Windows-related stuff if they access a private FTP full of archived Windows builds.

While the leaks are part of Microsoft's Shared Source Kit, which includes source code for the base Windows 10 hardware drivers, PnP code, USB and WiFi stacks, storage drivers and some ARM-specific OneCore kernel code.

Albeit, the leaked code may date back to March 2017, as it may possibly have been hijacked from the Shared Source Initiative, which Microsoft licenses to certain "qualified" customers, governments and partners for debugging and reference purposes.

The fear of the leaks to the public stems from the fact that anyone who has the information can scour it for security vulnerabilities, which could be exploited to hack Windows systems.

And secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have also been leaked among copies of the officially released versions.

Microsoft has been known to aggressively pursue after Windows leakers, and the company had once scanned a user's Microsoft account to track down a Windows 8 leak. And as such, it has narrowed down early access to its Insider program that lets only verified testers have copies of the operating system.
Next Post »