DataLeak Microsoft: 4GB of Microsoft PlayReady Code Made Public!

Pietro Melillo : 26 June 2024 07:45

On June 11, a Microsoft engineer inadvertently made 4GB of internal code related to Microsoft PlayReady public. The information leak occurred on the Microsoft Developer Community, a forum dedicated to developers.

Details of the Information Leak

The leaked material included:

• WarBird configurations
• WarBird libraries for code obfuscation functionality
• Libraries with symbolic information related to PlayReady

These components are crucial for content protection and digital rights management (DRM) within Microsoft platforms.

The Construction of the PlayReady Library

Researchers from the AG Security Research Lab successfully compiled the Windows PlayReady DLL library using the leaked code. Interestingly, a user from the Microsoft Developer Community provided step-by-step instructions on how to initiate the compilation process, further facilitating the researchers’ work.

Further Implications of the Information Leak

Another point of interest concerns the Microsoft Symbol Server, which does not block requests for PDB files corresponding to Microsoft’s WarBird libraries. This detail led to the unintentional leakage of additional sensitive information.

Adam Gowdiak from the AG Security Research Lab reported the incident to Microsoft. In response, Microsoft removed the post from the forum. However, at the time of writing this article, the download link is still active, raising concerns about Microsoft’s security and management of sensitive information.

Final Considerations

This incident highlights the importance of accurate management of confidential information and sensitive data within development platforms. Microsoft will need to address the implications of this data leak and implement stricter measures to prevent similar incidents in the future.

Future Prospects

The incident may lead to a review of security policies and information management within Microsoft, as well as raising questions about the reliability of developer sharing platforms. Security experts and developers will need to collaborate to ensure that such incidents do not recur, thereby protecting sensitive information and maintaining user trust.

In conclusion, the June 11 incident serves as a wake-up call for all tech companies: data security must be a top priority, and any breach can have significant consequences for a company’s reputation and reliability.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"