It’s probably not the biggest security issue that Microsoft is dealing with right now but the software giant probably isn’t happy about it either way: This week, a torrent appeared online that contained the apparent source code for Windows XP, the extremely outdated Microsoft operating system that still runs on millions of computers around the world. The leaker(s) also threw in a little Bill Gates conspiracy-mongering, as a treat.
The torrent appeared on 4Chan earlier this week and has since broken out of the trash zone, falling into the hands of security pros and tinkerers alike. Gizmodo reviewed the files and while we haven’t done anything with them, numerous experts and other outlets have verified the files’ authenticity. It’s the first time we’ve seen a major public leak of XP’s source code, though many people online claim that the collection has been going around in private groups for some time.
Microsoft’s only statement at the moment is, “we are investigating the matter.”
The initial leak is huge, clocking in at 43 GB, but the torrent is also junked up with media files — the bulk of which are a collection of Microsoft patents. Also packed inside the torrent are several videos and documents spreading conspiracy theories about Microsoft founder Bill Gates, including a 30-minute documentary called Bill Gates’ Plan to Vaccinate the World. Since the files dropped, a separate torrent containing just the pertinent XP source code files was shared. That one only takes up about 3 GB of space.
The motivation of the leaker (or leakers) is unclear, but it seems likely that they just have an ideological bone to pick with Microsoft. Elsewhere in the torrent, you can find a DVD rip of pro-open source documentary The Code: The Story of Linux, a clip of Steve Jobs making fun of DOS in 1992, and several pdfs of articles about the leak of some Windows 10 source code that occurred in 2017.
According to recent data from NetMarketShare, XP is still running on just over 1 per cent of the world’s systems. So, yes, hackers could use the source code to learn more about XP in order to aid their illicit efforts. Infosec researcher Greg Linares suggested that ATM machine malware developers could be among the first to find it useful. Windows ended support for the OS back in 2014, so anyone running it is already dealing with a huge security risk, leak or no. Once again, these files have reportedly been going around underground for a while.
On the other hand, if you’re a Linux lover or just a curious code monkey, the source code could be solid gold. Hobbyists might add newer hardware support to XP or modify the OS. It could also be used to inform the development of projects like Wine, free software that allows Windows applications to run on Linux, macOS, or BSD. XP was good, and there’s surely rich information about coding an OS to be gleaned from taking it apart and seeing what makes it tick.