Best Buy's Anniversary Sale Samsung Could One-Up Apple Peloton Alternatives GMMK Pro Keyboard Review Natural Sleep Aids $59 Off Apple TV Equifax Error: Check Your Status Biggest Rent Increases
Want CNET to notify you of price drops and the latest stories?
No, thank you

Google Chrome's open-source ally: Microsoft

Surprise! Some Microsoft software--and use of an undocumented Windows interface--is tucked within the source code of Google Chrome.

Correction 8:40 a.m. PDT Sept. 19: Google didn't disassemble Vista to employ the security feature described below. See this separate blog post for details.

During Google's launch of its Chrome Web browser, the company went out of its way to acknowledge the debt it owes two open-source projects, Firefox and WebKit. But Microsoft, an uncommon ally in the open-source realm, might also deserve a tip of the hat.

After some digging through the Chrome source code, Scott Hanselman, a senior programming manager for Microsoft, found that the browser uses an open-source Microsoft project called the Windows Template Library, software for building a Windows user interface. (It uses an abstraction layer so other interface software can be employed on other operating systems.)

Microsoft's WTL project
Microsoft's WTL project is available on, a repository of open-source projects.

On its open-source Chromium site, Google lists WTL 8.0 as included third-party software.

Microsoft, while keeping its crown jewels proprietary, has been lurking around the fringes of the open-source realm for years now. Open-source software may be moved freely from one project to another; though license particulars sometimes erect barriers, both Chrome and WTL use relatively liberal licenses.

There's a bit more intrigue with some other Microsoft technology, though. For security technology called Data Execution Prevention, which can help block various forms of attacks, Google also apparently used an undocumented interface from Microsoft to get the feature working in Windows XP SP2.

Microsoft's Arun Kishan said the interface is "undocumented and unsupported" and "initially only intended for our own use" on a Microsoft forum posting. Using such APIs (application programming interfaces) can get software into trouble, because operating system companies offer no guarantees future software will support them, so upgrades can break compatibility.

And in describing how to use the security feature, Google said people could disassemble the Windows Vista's underlying source code--in other words, extract the operating system's low-level instructions from the Vista binary. Disassembly is one form of reverse-engineering.

Google spotlighted the technology in a comment in the Chrome source code: "Completely undocumented from Microsoft. You can find this information by disassembling Vista's SP1 kernel32.dll with your favorite disassembler."

The software takes the high road if possible, according to another comment: "Try documented ways first. Only available on Vista SP1 and Windows 2008."

Google didn't immediately comment on the move.

Matt Asay, a Mac user and an executive at open-source firm Alfresco, pines for a Mac version of Chrome, suggesting that leading off with Windows may have been a "strategic error" even if the Windows Template Library made it easier to get the Windows version out first. "It might make sense to aim for the mainstream (i.e., corporate IT, which would get the most benefit from an JavaScript-optimized Web browser), but the mainstream isn't in the habit of trying out the latest and greatest," Asay said.

Google's not dumb, though: there are plenty of programmers and early adopters using Windows, even if the cutting-edge crowd might be proportionally larger with Mac OS X or Linux. Besides, making headway in today's browser wars will take more than a few months and one beta version, and the Mac OS X and Linux versions of Chrome are under development.

(Via Redmond Developer News.)