Microsoft officials on Friday confirmed that a tool the company had commissioned from a third-party to help Windows XP users migrate to Windows 7 does indeed contain unauthorized open source code.
Because of that, Microsoft (NASDAQ: MSFT) plans to bring the tool into compliance with the license of that code, the GNU Public License version 2 (GPLv2), by publishing the source code and the binaries (including the executable code) of the migration tool next week.
“After looking at the code in question, we are now able to confirm [the tool contained GPLv2-licensed code], although it was not intentional on our part. While we had contracted with a third party to create the tool, we share responsibility as we did not catch it as part of our code review process,” Peter Galli, open source community manager for Microsoft’s Platform Strategy Group, said in a blog post Friday.
The tool, called the Windows 7 USB/DVD Download Tool (WUDT), had been available for download since the October 22 consumer launch of Windows 7. It was created to enable a user to convert a Windows 7 download so it can be installed from a DVD or a USB drive, a convenient way to load Windows 7 onto a netbook that previously was running XP, for instance.
However, controversy began late last week when blogger Rafael Rivera Jr. wrote on his blog Within Windows that some of the code in the tool looked suspiciously like code from an open source product governed by GPLv2.
Microsoft removed the tool from the online Microsoft Store on Monday to investigate the allegation.
“When it comes to our attention that a Microsoft component contains third-party code, our aim is to be respectful of the terms under which that code is being shared,” Galli’s post said.
The source code in question comes from ImageMaster, a tool for reading and writing disk images, according to a description of the project on Microsoft’s open source Codeplex site.
In recent years, Microsoft has had mixed relations with the open source community, although it has tried more recently to make that relationship less contentious, starting with Codeplex and other projects in collaboration with open source developers to try to foster good will.
The news that Microsoft was apparently abusing GPLv2 code caused quite a stir, but Microsoft’s actions may help to assuage suspicions that anything that the company does in the open source world is aimed at causing the movement’s downfall — or at least its co-option.
“We are also taking measures to apply what we have learned from this experience for future code reviews we perform,” Galli’s post said.