It looks like Microsoft is in trouble again. This time not for its critical vulnerabilities in Windows operating system but for a massive data leak in which 32TB of highly sensitive Windows 10 related data has been dumped online.
According to a report from TheRegister, it is believed that the data was stolen from Microsoft’s in-house systems in March.
Those who have seen the data claim that the leaked files belong to Microsoft’s internal Windows operating system builds and in-depth details about its core source code.
Furthermore, TheRegister reported that the data was uploaded on a website called betaarchive.com, a collectors website for beta software, games, applications, and abandonware. But a discussion topic on the site denies uploading of any such data.
After a brief analysis, TheRegister has confirmed that the data is updated to last week, and includes “The source to the base Windows 10 hardware drivers plus Redmond’s PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code.”
Furthermore, there are several never been released builds for Windows 10, which included testing, troubleshooting and debugging tools used by Microsoft internally. Also, there’s a Windows 10 Mobile Adaptation Kit, which looks like an unannounced toolset designed for Windows 10 to run on mobile devices.
This means that anyone who has downloaded the data and knew how to take advantage of it can exploit for security vulnerabilities and carry large-scale cyber attacks just like WannaCry ransomware attack which exploited Server Message Block (SMB) vulnerability in unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems.
At this time, it is unclear if Microsoft has suffered a hack attack or someone from the inside has done the damage. However, it can be assumed that the data is highly sensitive for Windows and jackpot for hackers since the data is still available for anyone to download on the website.
An administrator at BetaArchive has now commented on the story, acknowledging that a folder entitled Shared Source Kit did exist but has been removed for further review, though they did also question the accuracy of many of the claims contained within the story. His full statement is as follows:
First of all let us clear up a few facts. The “Shared Source Kit” folder did exist on the FTP until this article came to light. We have removed it from our FTP and listings pending further review just in case we missed something in our initial release. We currently have no plans to restore it until a full review of its contents is carried out and it is deemed acceptable under our rules.
The folder itself was 1.2GB in size, contained 12 releases each being 100MB. This is far from the claimed “32TB” as stated in The Register’s article, and cannot possibly cover “core source code” as it would be simply too small, not to mention it is against our rules to store such data.
At this time all we can deduct is that The Register refers to the large Windows 10 release we had on March 24th which included a lot of Windows releases provided to us, sourced from various forum members, Windows Insider members, and Microsoft Connect members. All of these we deemed safe for release to BetaArchive as they are all beta releases and defunct builds superseded by newer ones, and they were covered under our rules.
If any of this should change we will remove these builds from the FTP and we will happily comply with any instructions to do so by Microsoft.
With regards to the BBC article http://www.bbc.co.uk/news/technology-40366823 about two Britons that have been arrested following an alleged Microsoft hack, we don’t believe there is any connection with this alleged “Windows 10 core source code leak”.
Microsoft has now issued the following statement:
Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners.