Virtual Event Today: Cyber AI & Automation Summit - Register/Login Now
Connect with us

Hi, what are you looking for?



Windows 10 Source Code Leaked Online

A portion of Microsoft’s Windows 10 source code was leaked online this week on an enthusiast website that tracks Windows releases.

A portion of Microsoft’s Windows 10 source code was leaked online this week on an enthusiast website that tracks Windows releases.

The source code, which Microsoft already confirmed to be from the Shared Source Initiative, was supposedly accessible only to OEMs (Original Equipment Manufacturers) and partners.

The code was listed on enthusiast site Beta Archive, but was listed on a free private FTP where numerous archived Windows builds are also present.

As per the rules of the site, only beta builds that have been already superseded by newer releases are accepted, “sourced from various forum members, Windows Insider members, and Microsoft Connect members.” Core source code isn’t accepted on the site.

The leaked source code was stored in a FTP folder called “Shared Source Kit,” and Beta Archive removed it immediately after learning that it might contain sensitive data. Specifically, it removed the folder after an article on The Register came into focus, claiming that several terabytes of internal builds and core source code leaked online.

A Beta Archive admin named Andy also provided some explanation on this action, revealing that they decided to remove the folder from the FTP server, along with listings on the site, to review its content “just in case we missed something in our initial release.” The folder will remain offline until a full review is carried out and its content is deemed acceptable under the site’s rules.

The administrator also explains that the folder was only 1.2GB in size, and that it contained “12 releases each being 100MB,” thus being far smaller than “32TB as stated in The Register’s article.” Being this small, the folder could not possibly cover core source code, the admin also noted.

Apparently, Microsoft already had a look at the contents of said folder and determined that it did contain “a portion of the source code from the Shared Source Initiative.” This means that the code, although not publicly accessible, was already available to Microsoft’s customers looking to license it through the program.

Advertisement. Scroll to continue reading.

According to Windows Internals Expert Alex Ionescu, only the source code in the ARM Shared Source Kit was leaked in the incident.

The Register article also claimed that “top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public,” along with “prerelease Windows 10 “Redstone” builds and unreleased 64-bit ARM flavors of Windows” were also leaked on Beta Archive.

The site indeed lists a great deal of beta Windows builds, some of which weren’t accessible to the public at the time of their release, but accepts only defunct builds, which have been already superseded by newer ones. However, these builds were added to the site over time, and aren’t part of a single large leak.

However, a large number of builds were added on March 24, 2017, when some of the site’s users provided “a lot of Windows releases,” and the incident might be related to the recent arrest of two Britons for “unauthorised intrusion into networks belonging to Microsoft.”

The two supposedly hacked into Microsoft’s network between January and March this year, but no confirmation of a connection with Beta Archive has emerged. Referring to the arrests, the site’s admin said: “we don’t believe there is any connection with this alleged “Windows 10 core source code leak”.”

Related: Microsoft Opens Transparency Center in Europe to Allow Governments to Examine Source Code

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...


A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.