Windows XP source code released – New possibilities for attackers!

M.Sc. Jan Hörnemann

Exactly one week ago, an anonymous user shared a link on the 4chan message board. The link led to a file archive of about 3GB containing parts of the source code of Windows XP and Windows Server 2003. Although these Windows versions have been out of date for years, the now-public source code poses a threat to current systems.

Windows XP source code became a collection

As already mentioned, the link that was distributed at the beginning led to an archive containing about 3GB of source code of Windows XP and Windows Server 2003. After other users had seen this archive, it was extended with other leaked parts of the source code. The archive, which was initially only 3GB in size, thus gradually became a 41GB collection.

[Image: the source code archive shortly after it was initially distributed. The file size is about 3.3GB.]

According to the initial assessments of Windows experts and security researchers, the published files are indeed original source code. The .cab file extension denotes an archive. Unpacking the individual archives gives access to several cpp and header files.

[Image: unpacked source code. The individual small files that make up Windows XP and Windows Server 2003 can be viewed in the individual archives.]

Dangers from published code

Once attackers have access to the source code actually used in Windows XP, it is likely that new vulnerabilities will be discovered. Attackers can then write new exploits that target exactly these vulnerabilities.

Although Windows XP and Windows Server 2003 have been out of date for several years, these versions are still in use in some cases. It is often reported that outdated operating systems remain in use because a changeover would be too expensive or too time-consuming. Some time ago Microsoft announced the end of support for Windows 7; this is exactly where the discussion arose, since many authorities run all their systems on Windows 7.

Besides the systems that actually still use Windows XP or Server 2003, there is also a danger for current systems running Windows 10, because the probability that parts of the Windows XP source code are also included in Windows 10 is very high. If a vulnerability is found in the public source code of Windows XP, it is quite possible that a similar vulnerability is present in Windows 10.

To protect yourself against such vulnerabilities and the associated attacks, you should update your systems regularly. Most updates are intended to close current security holes. Therefore updates should always be installed.


Hello dear reader, my name is Jan Hörnemann. I am a TeleTrust Information Security Professional (T.I.S.P.) and have been dealing with information security topics on an almost daily basis since 2016. CeHv10 was my first hands-on certification in the field. With a Master of Science degree in Internet Security, I have learned about many different aspects and try to share them in live hacking shows as well as on our blog. In addition, I am active as an information security officer and have been qualified by TÜV for this activity (ISB according to ISO 27001).