Skip to main content
If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Microsoft leaves Window open

Microsoft's own internal network has been infiltrated by hackers, who may have gained access to the Windows source code

Dark blue icons of video game controllers on a light blue background
Image credit: Eurogamer

Reports are emerging in America that Microsoft has been the victim of a hacker attack. Nothing new there perhaps, but what is worrying is that the hackers have apparently had access to Microsoft's own internal network for as long as three months, including (according to rumours) the source code for products such as Microsoft Windows and Office. Microsoft are refusing to confirm what (if anything) was stolen or modified, and are calling the attack "a deplorable act of industrial espionage". At this early stage though it looks more likely that a group of rogue hackers were responsible, rather than another software development company.

Either way, if those responsible did get hold of the source code for some of Microsoft's utilities and operating systems, the consequences could be massive. Not only could they produce their own modified versions of Windows, but they may be able to use the code to find more back doors in the already leaky operating system, and could even have inserted their own code into the source stored on Microsoft's network, potentially forcing the company to go through it with a fine-toothed comb looking for any malicious code. Products which could have been compromised include the recently released Windows ME and beta versions of Microsoft's next operating system, code-named Whistler.

The really embarrassing part of the story for Microsoft though is that their network was compromised by the well-known QAZ trojan, an annoying "worm" which has infected my own system in the past, and can open up your system to outside users. The virus is easily detected and cures are available, with most virus detection companies describing it as a low or medium risk now, so it's rather worrying that Microsoft were infected so easily and then failed to spot the problem for three months. In fact, Microsoft only noticed that their network had been compromised when they discovered that passwords were being sent to an e-mail account in St Petersburg, Russia...

Source - BBC News

Read this next