The source code for Windows 2000 and Windows NT has been leaked. Microsoft spokesman Tom Pilla confirmed to the Washington Post newspaper that "Today we became aware that incomplete portions of Windows 2000 and NT 4.0 source code was illegally made available on the Internet,"  The confirmation sent shockwaves through businesses using the Microsoft software for their enterprises.

A file named Windows.Source.Code.w2k.nt4.wxp.tar is apparently in circulation. With Microsoft confirming that the code is in the wild, it is expected that Microsoft operating systems will now be facing virus and worm threats on a scale not seen before. This is perhaps one of those defining moments of the net and any business that bases its enterprise software on Microsoft should be seriously worried.

Though the analysis of the Microsoft codebase will take some time, the whole blind testing approach that virus and worm writers have had to use until now can largely be removed from the virus and worm writing process. It is far easier to attack a system when its vulnerabilities are known. This codebase may give virus writers that missing piece of the picture.

Microsoft is working with the FBI on the leak. It does not seem to think that the source code leaked from its internal Microsoft network. Microsoft provides source code to a number of governments, some businesses  and approximately 50 universities under its Shared Source initiative. The size of the codebase for Microsoft Windows 2000 or NT is supposed to be approximately 40G but the source code circulating on the internet is apparently approximately 660 MB. It would fit on a CD-ROM. Even a partial leak would have massive ramifications for both Microsoft and the industry.

Ironically Microsoft had been advertising a free security briefing on Irish websites recently. The image used in the advert seems remarkably apt - it appeared to be a Microsoft user with a strained face and hands clasped in prayer.