Microsoft is claiming that the leak did not come from their network or the Shared Source Initiative.
But a new article from eWeek disputes part of that claim:
Clues to the source code’s origin lie in a “core dump” file, which is left by the Linux operating system to record the memory a program is using when it crashes. Further investigation by BetaNews revealed the machine was likely used by Mainsoft’s Director of Technology, Eyal Alaluf.
References to MainWin can also be found throughout the leaked source files, which do not compile into a usable form of Windows.
Prior to Microsoft’s Shared Source Initiative launched in 2001, Mainsoft, which calls itself “the software porting company,” was one of only two partners with access to the Windows source code under Microsoft’s Windows Interface Source Environment (WISE) program.
It is reassuring to know that it was only Win2K SP1 that was leaked (what happened to the inital report about NT4?) because MS has had 3 or so years to fix bugs found in SP1. Hopefully that means very few successful virii/worms will come of it.