Part of the core software code behind the Windows operating system has been leaked on to the internet, potentially handing ammunition to hackers and virus-writers to mount attacks on the world's personal computers.
Microsoft's admission of the security lapse yesterday came in the same week that it disclosed a flaw in Windows that could let hackers gain remote control of PCs, and will add to the growing embarrassment the software giant has suffered from recent security weaknesses.
Armed with the underlying code to Windows, virus-writers and hackers may be able to identify new weaknesses in the software, security experts said. The secret code might also hand ammunition to software pirates, though they would need the whole program to be able to create full "clones" of the software, a source close to Microsoft said.
Microsoft played down the risks from the latest breach, which it said had "no known impact" on computer users "at this time". But Microsoft's warning highlights the risks its main software industry rivals would run if they tried to use the illicit code to gain an advantage, since being caught with the software could expose them to crippling lawsuits.
The 100 million lines of instructions contained in the Windows source code represent the blueprint for the widely used operating system and form the core of Microsoft's intellectual property. About 13.5 million lines of software have been leaked, much of it spread widely on the internet yesterday.
Microsoft said the security breach appeared not to have resulted from any lapse in its own network or internal security. The company makes the source code available to about 3,000 governments, universities and others under what it calls a "shared-source" plan, but none of these users seems to have been the source of the leak, it said.
Attention yesterday focused on Mainsoft, a Californian software company, which was mentioned in some of the leaked code. The company, which is not part of the shared-source plan, could not be reached for comment.
One person close to Microsoft said the leak may have been motivated by the software giant's opposition to so-called open-source software programs, which are freely available. - (Financial Times Service)
