32TB of Windows 10 internal builds, core source code leak online

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: Richard Forno <rforno () infowarrior org>
> Date: June 23, 2017 at 6:18:13 PM EDT
> To: Infowarrior List <infowarrior () attrition org>
> Cc: Dave Farber <dave () farber net>
> Subject: 32TB of Windows 10 internal builds, core source code leak online
>
> 32TB of Windows 10 internal builds, core source code leak online
>
> Finding exploitable bugs suddenly easier
>
> By Chris Williams, US editor 23 Jun 2017 at 20:09
>
> http://www.theregister.co.uk/2017/06/23/windows_10_leak/
>
> A massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have 
> leaked online.
>
> The data – some 32TB of installation images and software blueprints that compress down to 8TB – were uploaded to 
> betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been 
> exfiltrated from Microsoft's in-house systems since around March.
>
> The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the 
> source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage 
> drivers, and ARM-specific OneCore kernel code.
>
> Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows 
> systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels.
>
> Leaked ... Screenshot of a Beta Archives posting announcing on Monday, June 19, the addition of Microsoft's 
> confidential source code archive
>
> In addition to this, hundreds of top-secret builds of Windows 10 and Windows Server 2016, none of which have been 
> released to the public, have been leaked along with copies of officially released versions. The confidential Windows 
> team-only internal builds were created by Microsoft engineers for bug-hunting and testing purposes, and include 
> private debugging symbols that are usually stripped out for public releases.
>
> This software includes, for example, prerelease Windows 10 "Redstone 2" builds. There are, we think, too many 
> versions now dumped online for Microsoft to revoke via its Secure Boot mechanism, meaning the tech giant can't use 
> its firmware security mechanisms to prevent people booting the prerelease operating systems.
>
> Also in the leak are multiple versions of Microsoft's Windows 10 Mobile Adaptation Kit, a confidential software 
> toolset to get the operating system running on various portable and mobile devices.
>
> Netizens with access to Beta Archive's private repo of material can, even now, still get hold of the divulged data 
> completely for free. It is being described by some as a bigger leak than the Windows 2000 source code blab in 2004.
>
> Spokespeople for Microsoft were not available for comment. ®



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20170623193708:DD73164A-586C-11E7-A378-E3F45F181E07
Powered by Listbox: http://www.listbox.com