Skip to main content

A tiny bit of Windows 10 source code has leaked online

Lumia 950 and Surface
Lumia 950 and Surface (Image credit: Windows Central)

On Friday, a small portion of the Windows 10 source code leaked online. The source code, believed to be related to Windows drivers, was uploaded to beta collector site BetaArchive and was briefly made available to the public before being pulled by mods for "review." As it turns out, however, the leak itself isn't much to get excited about.

The leak comes from Microsoft's Shared Source Initiative, a program where Microsoft itself shares source code with third parties such as partners. Sharing anything with third parties is always a risk, and Microsoft's is well aware of this. So, the code that has leaked isn't nearly as damaging as one might have first thought. Of course, the leak itself obviously isn't too great, but it's nothing that will permanently affect Microsoft.

In a statement to The Verge, Microsoft said:

"Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners."

Around the time of the source code leak, two British men were arrested for "hacking" into Microsoft servers and stealing internal tools, Windows builds and more. It's unclear at this time if the source code leak and the arrests are related, we'll keep you updated on that front. It's worth noting that the two men arrested stole no customer data, according to Microsoft.

This isn't the first time arrests have been made in relation to Microsoft. Back in 2012, a Microsoft employee was arrested for providing a popular leakster with Microsoft's "Activation SDK," which would have been bad news for Microsoft had it leaked. Microsoft used its own internal cyber team to track down the leak, scanning the Hotmail account of the leakster to find his source.

Today's source code leak is nowhere near the same level of importance for Microsoft. The Activation SDK would have been a brutal leak for the company, allowing the public to reverse engineer and essentially bypass Windows' activation systems. Luckily for Microsoft, that leak was stopped before it got started.

Over the last few months, several internal Windows 10 builds have been leaking to BetaArchive. Several ARM64 builds of Windows Server are available on the BetaArchive FTP, and over the years the site has collected around 70TB of Windows builds, ranging from 1985 all the way up to the 2017's latest Insider Preview builds. The source code was leaked separately, and is no longer available for download from the BetaArchive FTP.

Zac Bowden
Zac Bowden

Zac Bowden is a Senior Editor at Windows Central. Bringing you exclusive coverage into the world of Windows 10 on PCs, tablets, phones, and more. Also an avid collector of rare Microsoft prototype devices! Keep in touch on Twitter: @zacbowden.

51 Comments
  • Zac, there is nothing *exciting* about this anyways.
  • That's literally what I said in the article.
  • but that's not as exciting as it sounds - This implies it sounds exciting to some, or maybe you.
  • Disagree. But I changed the wording anyway because I'm nice and it's Saturday.
  • Thank you, Zac! It's better now. 🙂
  • Yeah. I'm actually a BA member and I was initially excited about this, not about the source code leaking, but about checking out the "leaked" internal builds and some of the tools (like one that supportively made Windows 10 Mobile software images to flash onto phones). But, I am glad that this leak has no real repercussions for either BA or Microsoft.
  • It could be "exciting to some," how do you know what does or doesn't excite other people?
  • *British men* It's Zaccening, Jezing intensifies
  • But Jez doesn't even have a face.
  • That's why it intensifies
  • 😂 nice one.
  • Microsoft needs to get in touch with Nintendo, because they need to hire a Plumber to fix all these leaks.
  • hahaha good one
  • the Mario brothers are needed
  • zac whats the point
  • Not much of a news...why publish it?!!!
  • To explain, add context, and clarify. That should be obvious.
  • Most other articles I've seen are linking together the cumulative totals of the other incidents in an attempt to artificially inflate this incident. So "to explain, add context, and clarify" is really appreciated. Thanks Zac.
  • I would say to counter the sites jumping on this in order to gain clicks like the one I saw that said "32TB of confidential data stolen from Microsoft!". To some sites out there, a story like this is the ultimate clickbait.
  • Well... To add some substance and deflate some other sites who paint a rather catastrophic picture.
  • How many time this will require to download those 70Tb? hahaha
  • Nor,Nor,Nor all i can say..😳🤥😳🤥
  • I bet this leak is worse than MS wants the public to know about ... Sounds like MS is trying to discredit the importance of this leak to discourage interest in it. But, this isn't ok, at all.
  • Sounds like you're making assumptions about something you don't have any concrete info about to make this sound more dramatic than it is because d r a m a.
  • I am totally making assumptions about something I don't know jack about. You're 100% correct.... I'm not saying this is definitely the case, just saying that's how these things go sometimes.
    Now, are you trying to start some d r a m a this morning, Daniel?😂😂😂
  • Clones
  • Wow! -13 likes... We're oppositely tied, Daniel💜😍💜😍💜😍💜😍💜😍
    We're soul mates forever, brother.
    Even though I'm stupid, you know, after all these years, you love me🙂
  • No.
  • Ummm, maybe. Can't say no, because there's no evidence I'm right, or wrong. Unless you believe everything Microsoft, and Daniel, say...🙄🙄🙄🙄🙄
  • Signal is open source and secure. I've been debating whether or not to insult you but I decided not to. I thought I'd let you know
  • You thought you'd let me know... So, it sounds like you might think I care if you insult me?... You think you're opinion matters so much to me that you must "let me know"... Lol. Who are you, again?
  • Ah yes, still waiting space trolling here. There's literally nothing to see here. As someone who has worked there I know precisely what's in the shared source stuff. Many versions have gotten loose multiple times over the years for different versions of Windows. This isn't a big deal honestly in the grand scheme of things and it's not even truly the proper OS source code as you think of it. So as Daniel and others here have said about your goals here.. D R A M A. Your usual M.O.
  • This is very similar to Windows Embedded Compact/CE Shared Source that ships with each paid copy.
  • I hope more leaks and someone can make an android installation image one day. Like some Xiomi devices which you can use android or wp 10 inside as you like.
  • That user name.. 😂😂😂😂😂
  • Many thanks for the accurate reporting compared to the fear mongering and click bait headlines on other sites. Nice to see at least someone dealing with the facts. Great job!
  • As if Windows phone doesn't have enough problems, now it's code can be picked up by google.
  • If Google wants to harm Windows, they could simply use Wine.
  • Meaning sit back and do nothing.
    Yes but there are features they've love to implement in android.
  • No words about the mobile transformation tool? :)
  • when the brit decided to start the clickbait trend on windowscentral. start posting good stuff or you might as well go join jake paul on youtube , you guys would be tight
  • Well, at least only a little was leaked. It would've indeed been way much worse if more were leaked, especially if it was something real important or some sort.
  • Oh no, the sky is falling. I'm going to have to write my own O/S to be safe now. It's a good job I have a head start!
  • Yep, source code in the pubic domain would have killed Windows. It certainly did for Linux!
  • Actually it's far from being a "small" leak at 32TB, microsoft ALMOST did a good job of containing the facts to try and keep whatever "trust" they think they have, search just about any of the non-fanboy sites to see the real facts of this horrifying leak.
  • You mean search sites with terrible reputations and no real link to facts? No thanks. I'll trust my years of direct work experience that let's me know that the shared source SDK 'leak' is something that happens like clockwork. Almost anyone can get access to it...legitimately. That's why this isn't a big deal. The shared source SDK is not the open code for the OS. It's the open code we've always distributed to help build components for specific parts of the OS. The parts you have to open source so vendors can do things like build proper drivers That's why there's no panic and not really anything to worry about. Why would anyone panic over an essentially public accessible tool kit being 'leaked'? They shouldn't. That's why knowing the full context is important.
  • The linked article says this link was just 1.2GB. Apparently The Register was wrong (as usual).
  • I just hope, they derive the fact of the code being shared source by having no code signing certificates involved.
  • btw is there any chance Windows will ever go open source?
  • Thats called DOOMSDAY it better remain closed
  • "Several ARM64 builds of Windows Server are available on the BetaArchive FTP" ARM versions of Winddow Server? Are there server versions for phones/tablets?