Microsoft source code is both copyrighted and protected as a trade secret. As such, it is illegal to post it, make it available to others, download it or use it. Microsoft will take all appropriate legal actions to protect its intellectual property. These actions include communicating both directly and indirectly with those who possess or seek to possess, post, download or share the illegally disclosed source code.

Specifically, Microsoft is sending letters explaining to individuals who have already downloaded the source code that such actions are in violation of the law. Additionally, Microsoft has instituted the use of alerts on several peer-to-peer clients where such illegal sharing of the source code has taken place. These alerts are designed to inform any user who conducts specific searches on these networks to locate and download the source code that such activity is illegal.

Questions about the ongoing investigation should be referred to the FBI.

On Monday, February 16, Microsoft began investigating a reported exploit on versions of Internet Explorer allegedly discovered by an individual studying the leaked source code. This exploit is a known issue that Microsoft had discovered internally and addressed with the latest release of Internet Explorer—Internet Explorer 6.0 Service Pack 1.

We are committed to helping our customers protect their networks and will take all appropriate steps to meet this commitment. Microsoft continues to recommend that customers stay up to date with the latest security updates and service packs. Customers running Windows 98, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP should upgrade to the latest version of Internet Explorer, Internet Explorer 6.0 Service Pack 1, with all updates at http://windowsupdate.microsoft.com. Customers running Windows XP Service Pack 1 or Windows Server 2003 who have installed all of the latest updates are not impacted because Windows XP Service Pack 1 and Windows Server 2003 both include Internet Explorer 6.0 Service Pack 1.

For security guidance, best practices, and ongoing updates, business customers should go to http://www.microsoft.com/security. Consumers should go to http://www.microsoft.com/protect to help them protect their PCs and to easily enable automatic updates.