Security

Heaps of Windows 10 internal builds, private source code leak online

Unreleased 64-bit ARM versions, Server editions among dumped data


Exclusive A massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online.

The data – some 32TB of official and non-public installation images and software blueprints that compress down to 8TB – were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the confidential data in this dump was exfiltrated from Microsoft's in-house systems around March this year.

The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code.

Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels. It is supposed to be for Microsoft, hardware manufacturers, and select customers' eyes only.

Leaked ... Screenshot of a Beta Archives posting announcing on Monday, June 19, the addition of Microsoft's confidential source code archive

In addition to this, top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have been leaked among copies of officially released versions. The confidential Windows team-only internal builds were created by Microsoft engineers for bug-hunting and testing purposes, and include private debugging symbols that are usually stripped out for public releases.

This software includes, for example, prerelease Windows 10 "Redstone" builds and unreleased 64-bit ARM flavors of Windows. There are, we think, too many versions now dumped online for Microsoft to revoke via its Secure Boot mechanism, meaning the tech giant can't use its firmware security mechanisms to prevent people booting the prerelease operating systems.

Also in the leak are multiple versions of Microsoft's Windows 10 Mobile Adaptation Kit, a confidential software toolset to get the operating system running on various portable and mobile devices.

Netizens with access to Beta Archive's private repo of material can, even now, still get hold of the divulged data completely for free. It is being described by some as a bigger leak than the Windows 2000 source code blab in 2004.

A spokesperson for Microsoft said: "Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners." ®

Updated to add

Beta Archive's administrators are in the process of removing non-public Microsoft components and builds from its FTP server and its forums.

For example, all mention of the Shared Source Kit has been erased from its June 19 post. We took some screenshots before any material was scrubbed from sight. You'll notice from the screenshot above in the article and the forum post that the source kit has disappeared between the Microsoft Windows 10 Debug Symbols and Diamond Monster 3D II Starter Pack.

The source kit is supposed to be available to only "qualified customers, enterprises, governments, and partners for debugging and reference purposes."

In a statement, Beta Archive said: "The 'Shared Source Kit' folder did exist on the FTP until [The Register's] article came to light. We have removed it from our FTP and listings pending further review just in case we missed something in our initial release. We currently have no plans to restore it until a full review of its contents is carried out and it is deemed acceptable under our rules."

Send us news
152 Comments

Windows 11 market share falls despite Microsoft ad blitz

Only 10 months left until Windows 10 end of support and people still seem to prefer it

Microsoft pulls text recognition from Photos app preview

OCR tech not quite ready for primetime, in this bit of Windows at least

Microsoft preps big guns to shift Copilot software and PCs

IT admins be warned: 13,000 tech suppliers coming for your employer's checkbook

Microsoft hits back at claims it slurps your Word, Excel files to train AI models

Confusion over Connected Experiences settings in 365 apps spark concerns

Microsoft informed of yet another antitrust probe by US authorities

Investigation is apparently sweeping, but keen on info about AI, security, and cloud

Bing Wallpaper app, now in Windows Store, accused of cookie shenanigans

Microsoft free tool snooping on users? Surely not!

Microsoft shuttering dedicated licensing education, certification site

Spreading the content around other places – and may also sprinkle some AI in because why not

Microsoft patches the patch that broke Exchange Server

If at first you don't succeed, you might be on the Microsoft Exchange team

Microsoft slaps Windows 11 update hold on hardware connected to eSCL devices

Scanners, printers, and... fax machines?

Microsoft unleashes autonomous Copilot AI agents in public preview

They can learn, adapt, and make decisions – but don't worry, they're not coming for your job

Microsoft reboots Windows Recall, but users wish they could forget

AI snapshot tool stumbles back into the spotlight with more issues

Now’s your chance to try Microsoft’s controversial Windows Recall ... maybe

Like its AI, this automated screenshotter and logger is a feature not exactly everyone wanted