The company said in a statement that it would take "appropriate legal action" against anyone possessing, or seeking to possess; posting, downloading or sharing the code that was discovered on the Web Feb. 12. "Specifically, Microsoft is sending letters explaining to individuals who have already downloaded the source code that such actions are in violation of the law," the statement said.
In addition, Microsoft has "instituted the use of alerts" on several peer-to-peer sites where sharing of the code had taken place. "These alerts are designed to inform any user who conducts specific searches on these networks to locate and download the source code that such activity is illegal," the company said.
Microsoft also said in the statement that an investigation had shown that the unauthorized release of the Windows 2000 and Windows NT 4.0 source code wasn't the result of any breach in the company's corporate network or internal security. The leak also wasn't related to Microsoft's Shared Source Initiative or its Government Security Program.
Microsoft partner Mainsoft Corp. acknowledged last week that it was investigating reports that the code may have originated from the company. Mainsoft was one of the original licensees of Windows source code. Mainsoft officials weren't immediately available for comment on Wednesday.
Besides sharing source code with partners, Microsoft also makes Windows code available to security-sensitive government projects.
Microsoft has acknowledged that about 15% of the Windows 2000 and NT source code were found circulating on Windows enthusiast Web sites and throughout the cracker underground. However, the code couldn't be compiled, making it impossible for someone to recreate Windows for illegal distribution.
Many security experts played down the potential security threat, saying that just having the code didn't necessarily mean a hacker could exploit any vulnerability. On Monday, for example, Microsoft said a flaw discovered by an individual studying the code had already been addressed by the company through a previously released patch.