[gingerbread-man]

A very good point. But if that were the only impediment, I suspect Microsoft could come up with a rollout plan to mitigate (though not completely eliminate) this problem. Releasing a "preview" of the kernel source to trusted security researchers and academics might be a start.

[ocdtrekkie]

Believe it or not, trusted security researchers and academics already can request parts of the Windows source code, under non disclosure agreements, of course.

But it's one of the largest codebases in the world, AFAIK, and it's immensely complicated. It's hard to quantify just how much work would need to be done to verify it was even marginally safe for release. And there's tons of licensing related issues as well, as far as where Microsoft may have gotten some of the code inside Windows.

It's not impossible, but it's a big gamble, and Microsoft is not a company that gambles big. It's not really in their culture to do what you're suggesting. I would be thrilled if they did, but I'd be jaw-droppingly shocked if it did.

[untog]

I think that underestimates how truly difficult it would be. How many machines are out there in the world still running NT4? Identifying bugs is all well and good but ensuring the fixes go where they're needed... that would be a whole lot more work.