back to article Microsoft claims to love open source – this alleged leak of Windows XP code is probably not what it had in mind, tho

The source code for Windows XP and other elderly Microsoft operating systems appears to have leaked online as the mega-corp's Ignite developer shindig came to an end. Heck, there's no physical swag for attendees nowadays so how about a big ol' source dump? The source of the alleged code leak is unclear; a torrent for the …

  1. cornetman Silver badge

    > A Microsoft spokesperson told The Register: "We are investigating and will take appropriate action to help keep customers protected."

    Nothing quite like security through obscurity. :)

    1. Snake Silver badge


      Because "millions of eyes looking at [the] source code" has proven to be any better?

      Just sayin'

  2. Sandtitz Silver badge

    Funny part

    To me, that Twitter code snippet has a very good quality comment.

    Then again, the "security be damned!" in the comment is just cherry on the cake.

  3. StrangerHereMyself

    Shared code base

    Since XP and Windows 10 share a large common code base this leak might be very helpful to intelligence agencies and hackers hunting zero-days.

    Many parts of Windows haven't been touched in ages since things keep being bolted onto the Windows NT codebase. Some parts may even go back to the 1980's, as the Windows Message loop was present in the character-based Windows 1.0.

    1. Anonymous Coward
      Anonymous Coward

      Re: Shared code base

      Well if you look, start with all of the code in the old control panel, and the MMC source code.

      There are so many horrors... things that cannot be unseen...

    2. Ken Hagan Gold badge

      Re: Shared code base

      Intelligence agencies almost certainly have the code already. Even MVPs were given access to a fair bit of the code in years gone by. However, I'd be surprised if much of the code is still present unchanged in Win10. There are two reasons for this.

      Firstly, C++ has changed significantly over this period and MSVC has followed those changes. Also, Microsoft's own static checking tools have evolved. I doubt the XP source code would get through the build process today.

      Secondly, what the code is trying to do, in terms of protocols like SSL and SMB, also changes if you give them long enough. Even if you set out to be completely backwards compatible, you are going to end up changing pretty much every line of the implementation over a two-decade period because the "same" code has to support the newer protocols and increasingly treat the older protocol as a special case rather than the main event.

      There's certainly no way the message pump will have survived from Win1. That was a co-operative multi-tasking system that obsessed over swapping segments in and out of the active stack frame. The "modern" (NT and beyond) message pump divides its responsibilities between the OS/device layer and a delivery layer, where one instance of the delivery layer runs in each UI thread on the system. The latter hasn't changed much in 30 years, but it has had several accessibility and hooking mechanisms added (and removed) over that time, and it also has to co-operate with "new" environments like .NET.

      So, no, the worry here for Microsoft is not that anything of value has been leaked, it is that anything at all has leaked. Presumably the XP code is guarded in much the same way that its successors is guarded, so if there is a hole in the wall ...

      1. Anonymous Coward
        Anonymous Coward

        Re: Shared code base

        You say that, but doing a Windows Explorer extensions year ago, the Win2000 source from the TPB helped a lot getting it all working on WinXP and Win7. If you looked at the callstacks from Win7 and Win2000 they were the same bar the very top which had classes called things like async helper. The assembler at the bottom of Win7 looked very much like the compiled Win2000 source. This Windows Explorer had a of Win95/98 references and had at least at one point been to run on Win9x and NT.

        In closed source especially, you don't touch old source without good economic reason. Crappy C/C++ it may have been (same WINE code is way better) it worked and had been through a lot of field testing. Didn't see any tests, but maybe there weren't in that leak, or I didn't bump into them. It's a Pandora's box and since it was claimed by some to be written in Win7, but seams very unlikely from what I saw.

        1. LDS Silver badge

          Re: Shared code base

          Being backward compatibility one strong points of Windows, the fact that ABIs are quite stable is not a surprise - especially it has to be compatible at the binary level since you don't recompiled source code for each release. But the code inside a function can be quite different.

          In any large project anyway you can't rewrite old sources every time without a good reason to do so. Even open source projects aren't developed by people paid nothing and with an unlimited number of them.

          1. Anonymous Coward
            Anonymous Coward

            Re: Shared code base

            The Win7 callstack was the same as Win2k including bits not via COM interfaces. The Win7 assembler I looked at was what you expect from the Win2k source. Sure they could of rewritten it to be that similar, but bet they didn't. They just stuck some async stuff in as it sucked on multi core. Why spend the money and risk breaking stuff? Spend money in shiny stuff users notice. It was clear the code had already been through a good few versions of Windows.

            Active open source projects gets fiddled with just to make code nicer. Less caring about breaking stuff as it's all also open and can be fixed. (In fact I wish some guys would care more about breaking things...) Also it's to be looked at, so people try not be sloppy.

        2. John Brown (no body) Silver badge

          Re: Shared code base

          "It's a Pandora's box"

          No it's not. At least Pandoras box contained Hope :-)

          1. TeeCee Gold badge

            Re: Shared code base

            Yes, but that was the bit that didn't leak out.

  4. Captain Obvious

    How to destroy your competitors

    Give them Windows XP source code and tell them to use it in their products as the code is solid...

    1. Mage Silver badge

      Re: How to destroy your competitors

      React OS?

      They can't look at it, but they can have a separate team look at it and draw up specs for what an API should do?

  5. Lorribot Silver badge

    OLne wonders what the source of this is. Some ex MS employee rediscovered it in a backup of a home computer somewhere? A tech looking at old tapes of stuff and as a Linux fanboi decided to release it?

    If it was someone who had acces to current code and a grievance surely they would release that instead?

    Yes there will be common code between this and Windows 10, particularly in the aged code around 8 and 16 bit support that is probably still in there. AN perhaps it is time for MS to do a proper clear out of the all the old detrius that even refernces anything less than 32 bit.

    1. David 132 Silver badge

      One wonders what the source of this is.

      Someone seated at a Windows XP SP1 machine hit the Ctrl+Break key, then at the ensuing prompt typed LIST?

      1. davidp231

        They would have to type OLD first.

        1. David 132 Silver badge

          Ah, I was going to put that part in but figured it would be too obscure. Not everyone here has used a BBC Micro, poor souls.

          1. davidp231

            A shame really... you can pimp them out pretty well these days. I've got a Master 128 sat in front of me with USB support to run disk images, a 4GB CF IDE flash card, a GOTEK floppy drive emulator (runs images as if they were physical discs), and a RGB->SCART->HDMI box. And a Pi Zero that runs various co-processor images as if they were the real thing.

  6. Anonymous Coward

    It's 10% conspiracy garbage

    There's also a bunch of awful conspiracy theory crap, a copy of "Revolution OS", and a bunch of other not-source-code stuff in the archive. Because the windows source is totally related to how covid19 is spread by 5g towers. Or something. Apparently.

    ....errr... i mean... so I'm told - I'd obviously never download such a thing

    If one was downloading the torrent, I'd suggest skipping the 'media' directory.

    ...hypothetically speaking, of course...

  7. Blackjack Silver badge

    I am mostly interested if this will help to port some old Windows games to modern Operating Systems.

    After all I use a Virtual Machine with XP to play old games. Oh and Dosbox, ScummVM, ResidualVM and I used to use Freedos until the machine I had for it died.

    1. Novex

      It's not just old games. Some other (albeit obscure) software of the same vintage hasn't been updated for later operating systems so requires XP to run, and also old hardware (and not always obscure either) often doesn't get driver updates for later operating systems. I feel the best course of action with these situations is to ensure that the computers (if physical) are air-gapped and have restricted physical access so that who can do what on them is locked down to essential needs only. Obviously then they are no use for network or internet based usage, but unfortunately any old software or hardware that requires that will just have to be junked if the risks are perceived to be too high to take.

      1. Anonymous Coward
        Anonymous Coward

        @Novex - Exactly

        I have to keep a PC running Windows XP in my house only to run MS Flight Simulator 2002.

        1. Blackjack Silver badge

          Re: @Novex - Exactly

          Unfortunately machines that run XP are starting to fail, hard disks are not that hard to replace but if the Bios dies you can kick that machine goodbye.

          Virtual XP on Windows 7 pro and Enterprise or a virtual machine of XP in Windows 10 can run it but you do need a powerful machine.

          What's that? How to run Virtual XP on Windows 10?

          1. Mage Silver badge

            Re: @Novex - Exactly

            The MS tool to image an XP OS (non-EFI) as a file for a VM on Win10 makes a file that works fine on the stock Linux VM, which seems like a similar application. Worked to image my 2002 to 2016 laptop and run it in the Linux VM. Actually works on an external USB HDD, which is handy.

          2. NetBlackOps Bronze badge

            Re: @Novex - Exactly

            On the other hand, relatively powerful machines, used, are pretty cheap. Heck, even 1L factor machines with an i7 and 32-64 GB machines are a heck of a lot cheaper than what you'd pay for a desktop or laptop. I've been paying close attention to that market here.

  8. Sanguma Bronze badge

    Should be interesting

    The prior NT 4-Win2k leak was only partial as far as the Win2k/NT5.0 source tree went. It might make an interesting MSc thesis to track some of that source tree from NT 4.x to NT 5.1.sp1.

    And perhaps Microsoft should minimise the potential damage by issuing a statement like the one AT&T's successors eventually released on the Unix Research 8, 9, and 10 source trees:

    Alcatel-Lucent USA Inc. (“ALU-USA”), on behalf of itself and Nokia Bell Laboratories agrees, to the extent of its ability to do so, that it will not assert its copyright rights with respect to any non-commercial copying, distribution, performance, display or creation of derivative works of Research Unix®1 Editions 8, 9, and 10.

    etc, thus freeing it for security research and general hobbyist experimentation.

    1. karlkarl Silver badge

      Re: Should be interesting

      There was the NT Research Kernel

      It was released by Microsoft a while ago. Basically a stripped down Windows Server 2003 kernel. I don't think it has ACPI and things like that.

  9. PhilipN Silver badge

    "the POS version"

    Strangely my brain is preventing read access to the synapse holding the innocent meaning of this acronym.

    1. Robert Carnegie Silver badge

      Re: "the POS version"

      "point of sale" i.e. tills and kiosks I suppose.

      1. Hubert Cumberdale Silver badge

        Re: "the POS version"

        (I think he knows that...)

  10. DMcDonnell

    China and Russia

    Torrenters from China, and Russia are very represented in the swarms. about 5 times as many vs all other countries combined.

  11. Inventor of the Marmite Laser

    time to migrate to pastures new is well overdue.

    Remember: the grass is always greener close to the septic tank

  12. Paul Hovnanian Silver badge

    Love open source

    Good for thee, but not for me.

  13. Anonymous Coward
    Anonymous Coward


    I recall a several years ago another tech and I were at a large printer that was being worked on, my co worker stated to the printer tech that the sound pattern the disk was making was the same as his XP system (during reboot), the printer tech confirmed it was XP under the hood. I'd expect there are other XP imbedded systems out there that this source code leak will make more susceptible to exploits.

    1. Cliffwilliams44 Bronze badge

      Re: Printers

      I walked up to an ATM one day, I believe it was around 2010. I nearly fainted at the site I saw. Windows 98 with a crash notice on the screen. Luckily this was not my bank and I never used an ATM from that bank again. In fact, I rarely use ATMs since then.

  14. martynhare
    Thumb Up

    Someone unaffiliated with ReactOS should...

    Use this to add the missing functionality and compatibility so that folks can enjoy the good old days of Office 2003, Media Player Classic, Opera (Presto) and the like with a highly ergonomic and easy-to-understand UI. Why? 4GB of RAM should have been enough. Modern software is not of any higher quality where it really matters - resource efficiency and reliability.

    1. Mage Silver badge

      Re: Someone unaffiliated with ReactOS should...

      Office 2003 seems to work fine under WINE, which is handier than a VM. Office XP/2002 mysteriously is almost impossible to install on WINE.

      4G of RAM? The NT4.0 Enterprise could use more RAM than XP, which was 4G max, and either 2G or 2.5 G for an application depending on BOOT.INI settings. MS disabled PAE.

      Then Intel made the Atom, deliberately crippled to 2G of external RAM, so even some win 10 systems were shipped with 32 bit Win10 on 64 bit Atoms.

  15. TeeCee Gold badge

    ...infosec gurus reckon it looks legit.

    Found that many critical bugs already have they?

  16. Mark Exclamation Bronze badge

    More like "Piece of shit" version.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021