The source code for Windows XP SP1 and other versions of the operating system was allegedly leaked online today.
The leaker claims to have spent the last two months compiling a collection of leaked Microsoft source code. This 43GB collection was then released today as a torrent on the 4chan forum .
Included in this torrent is the alleged source code for Windows XP and Windows Server 2003, as well as an assortment of even older versions of the operating system.
The contents of the torrent include:
- MS DOS 3.30
- MS DOS 6.0
- Windows 2000
- Windows CE 3
- Windows CE 4
- Windows CE 5
- Windows Embedded 7
- Windows Embedded CE
- Windows NT 3.5
- Windows NT 4
The torrent also includes a media folder containing a bizarre collection of conspiracy theory videos about Bill Gates.
In addition to the torrent, a smaller 2.9GB 7zip file containing only the source code for Windows XP and Windows Server 2003 is being distributed online as well.
The leaker states that the Windows XP source has been passed around privately between hackers for years, but was not publicly released until today.
BleepingComputer has seen the source, but we have no way of confirming if it is the actual source code for Windows XP or Windows Server 2003.
This leak is not the first time source code for Microsoft operating system have been posted online.
The source code for Windows 10 internal builds was leaked online in 2017, and just recently Microsoft private GitHub repository was hacked and private projects leaked.
When we asked Microsoft if this is in fact the Windows XP source code that has been leaked, we were told that they "are investigating the matter."
BleepingComputer will not be sharing links to the leaks.
Does this source code raise security concerns?
While Windows XP was released almost 20 years ago, if any code is still used in modern versions of Windows, this leak could be a potential security risk.
Source code is human-readable instructions that tell a computer how a program should run. This source code is then compiled into a binary executable format that can be executed by the computer.
It was always possible to reverse engineer Windows to find bugs, but by having the source, it makes it much easier to get a detailed look into the inner workings of the Windows operating system.
If exploitable bugs are found in the Windows XP source code, and the code is still used in Windows 10, threat actors could exploit the bug in the modern version of the operating system.
The risks are likely low, and for most people, this leak will just let them get a peek into Windows history.
Comments
Some-Other-Guy - 3 years ago
"Does this source code raise security concerns?"
-------------------------------------------------------
No, it does not!
You cannot wreck my XP box even with the source code!
You cannot encrypt my files with ransomware and you cannot meaningfully infect my O.S. to any usable degree
Still running XP-SP2 ONLINE without any Microsoft Security patches and a full Admin account.
Yeah, we bad!
NoneRain - 3 years ago
https://youtu.be/l60MnDJklnM
EmanuelJacobsson - 3 years ago
Dont feed the troll.
NoneRain - 3 years ago
this dude may have some serious mental problem, I'm just trying to help...
Some-Other-Guy - 3 years ago
I can secure Windows XP without your help
EmanuelJacobsson - 3 years ago
Hes a troll, stop replying to him.
Some-Other-Guy - 3 years ago
Yes, I know he's a Troll
He should have been banned by now for all the personal attacks, but, you know how this site is run
EmanuelJacobsson - 3 years ago
Huh, couldve sworn I replied to to the other guy.
ASkript - 3 years ago
:) Ransomware can't break it if you put it on a read-only medium (:
Need to bake in some self-healing code for RAM if it gets busted in to :)
doriel - 3 years ago
My bet is, that XP source code is not far away from Windows 10. In fact, I believe that they are very close. We can see some parts of Windows 10 remain untouched since Windows XP era. Which ones? File system for example - I mean C:\Windows\ directory contains ALMOST all the same files and folders as 10-15 years ago. These things are ancient.
Maybe Windows want to become some sort of open-source project like Linux is :) :) MSFT just keeps stealing others idea, isnt it :)
Windows Server source code seems to be bigger issue to me.
survivor303 - 3 years ago
I think that this is inside job, they wanted to open it and now they look feedback of this "leak" just for testing.
For now, windows 10 code isnt that clean to open it, they need remove those old lines of nonsense and especially its comments :D
NoneRain - 3 years ago
Apparently, based in what I read on 4chan and others (better) sources, this is an old leak, that wasn't shared publicly, but existed in an old Tor forum since 2007/2008.
jamesfoxx336 - 3 years ago
I'll be very excited to see this forked!