• dan@upvote.au
    link
    fedilink
    English
    arrow-up
    37
    ·
    edit-2
    5 months ago

    tl;dr there were two leaks: A Microsoft employee had compiler issues and attached the code to a publicly-visible bug report, and Microsoft’s public symbol server had debug symbols for the library (which makes it a lot easier to reverse engineer and debug the production build in a debugger).

    Did the employee that accidentally leaked it think that the public developer community was an internal bug tracker? Strange. I wonder if Microsoft do actually use the same site for both internal and external bugs and the employee just selected the wrong category when posting. Seems like an unnecessary risk.