The Windows 2000 source code that was\u00a0leaked to the Internet\u00a0originated from a\u00a0Microsoft\u00a0partner and not the software giant itself, according to the BetaNews.com Web site.In addition, the NTBugtraq Web site is reporting that the Windows NT code leak includes all of NT 4.0 Service Pack 3 and its more than 27,000 files. The code does not include Internet Information Server.BetaNews, a Windows-focused Web site, reported that the Windows 2000 code in the leaked archive was licensed to Mainsoft, which develops tools that allow developers to port Windows applications to Unix. In an ironic twist, the code, which was for Windows 2000 Service Pack 1, allegedly was removed from a Linux computer used by Mainsoft for development, according to the story.\u201cAll the NT 4.0 Service Pack 3 code is out there now,\u201d says Russ Cooper moderator of the NTBugtraq Web site and surgeon general for security firm TruSecure. But he does not think that it represents a monumental security risk.\u201cPeople have been hammering on NT, and I don\u2019t think the source codes means that people will find more vulnerabilities. There are 27,000 files. Where do you start and what year do you plan to finish? And it is SP3, not 6a,\u201d says Cooper.In fact, Cooper says the source code leaks don\u2019t represent any significant new risk. He says his only concern might be the PKI module that was leaked in the Windows 2000 code. \u201cThere, people may find more ways to break the trust model,\u201d he says.Cooper says network administrators should be \u201cas vigilant as you\u2019ve always been; this is not a new risk you have to address.\u201dA Microsoft spokesperson would not comment on the BetaNews report on Mainsoft because Microsoft is conducting an ongoing investigation. The investigation includes the FBI. She says partner Mainsoft is not a part of the Shared Source Initiative, which makes portions of source code available to customers, partners and governments.\u201cIt is important to note that this leak is not a result of a breach in Microsoft\u2019s network, security or Shared Source Initiative,\u201d says Stacy Drake, a Microsoft corporate public relations manager.Mainsoft officials say they are cooperating fully with Microsoft and all authorities in the investigation, but would not confirm if the code leak was linked to them or if they are a member of the Shared Source Initiative.\u201cWe are unable to issue any further statement or answer questions until we have more information,\u201d says Mike Gullard, Mainsoft chairman. \u201cMainsoft takes Microsoft's and all our customers' security matters seriously, and we recognize the gravity of the situation.\u201dMainsoft on its Web site says it has had a strategic partnership with Microsoft since 1994 and has unparalleled access to Windows source code.BetaNews reported that it is not known how the 30,195 files escaped Mainsoft, which uses the code for its Visual MainWin product.NTBugtraq\u2019s Cooper confirms that there are three references to Mainsoft as the licensee in the leaked Windows 2000 code, but said there is a possibility that someone could have maliciously inserted the Mainsoft reference in place of the name of the original licensee. Cooper says there are no references to Mainsoft in the Windows NT 4.0 code.Mainsoft has more than 1.4 million licenses of its software, including Microsoft, Siebel Systems, Computer Associates and IBM\/Rational Software.BetaNews.com reported that the Windows 2000 code represented only select portions of the Windows source code, which will likely limit the damage that could be done by hackers who gain access to the code.Microsoft on Thursday confirmed that some of its secret source code for Windows NT and 2000 had been leaked on the Internet, but the company downplayed the potential security concerns that the code will provide hackers a wide-open avenue to search for and exploit vulnerabilities. Microsoft said the leak represents some 15% of Windows source code.