Meanwhile the content of the post is merely that an engineer who works for a team within Microsoft's AI division wrote on LinkedIn "my goal is to eliminate every line of C and C++ from Microsoft". (He believes that he can get AI agents to accomplish this.)
Not quite the same as an official plan announced by the CTO or something. Bit misleading title.
https://www.microsoft.com/en-us/research/people/galenh/proje...
> Decades of vulnerabilities have proven how difficult it is to prevent memory-corrupting bugs when using C/C++. While garbage-collected languages like C# or Java have proven more resilient to these issues, there are scenarios where they cannot be used. For such cases, we’re betting on Rust as the alternative to C/C++. Rust is a modern language designed to compete with the performance C/C++, but with memory safety and thread safety guarantees built into the language. While we are not able to rewrite everything in Rust overnight, we’ve already adopted Rust in some of the most critical components of Azure’s infrastructure. We expect our adoption of Rust to expand substantially over time.
-- https://azure.microsoft.com/en-us/blog/microsoft-azure-secur...
> And, in alignment with the Secure Future Initiative, we are adopting safer programming languages, gradually moving functionality from C++ implementation to Rust.
-- https://blogs.windows.com/windowsexperience/2024/11/19/windo...
> We will accelerate and automate threat modeling, deploy CodeQL for code analysis to 100 percent of commercial products, and continue to expand Microsoft’s use of memory safe languages (such as C#, Python, Java, and Rust), building security in at the language level and eliminating whole classes of traditional software vulnerability.
-- https://www.microsoft.com/en-us/security/blog/2023/11/02/ann...
So naturally, there are many people that besides AI KPIs, now have to match their SFI KPIs at Redmond, including Mark Russinovich.
"Mark Russinovich, Microsoft Azure CTO tells Rust Nation UK 2025 why Azure is moving to Rust from C++"
https://www.youtube.com/watch?v=SmUprpjCWjM
"Microsoft is Getting Rusty: A Review of Successes and Challenges - Mark Russinovich"
https://www.youtube.com/watch?v=1VgptLwP588
Naturally aiming at 2030 for the amount of existing C++ code is crazy, and there are groups within Microsoft, especially DirectX and Windows that most likely won't let go of their toys.
from the LinkedIn post [0]:
> I have an open position in my team for a IC5 Principal Software Engineer. The position is in-person in Redmond.
> My goal is to eliminate every line of C and C++ from Microsoft by 2030.
so perhaps a more accurate title would be "one guy at Microsoft, in a LinkedIn job posting, says it's his goal to replace all C/C++ code with Rust"
0: https://www.linkedin.com/posts/galenh_principal-software-eng...
If we're talking hypotheticals, I'd much rather Microsoft open source the NT kernel and low-level subsystems (like ntdll.dll). Open sourcing all of Windows would be even better, but that seems nearly impossible to me.
Well, it's way beyond sucks. But ok: is it even possible to run windows with just a command line ... no ui, no graphics, start menu, no file manager or is the ui too integrated into the OS?
Docker supports Windows containers [0], but this requires a Windows host so it probably doesn't help you too much. Windows PE [1] does support a GUI, but it doesn't include any of the traditional shell components. Nano Server [2] is the closest to what you're talking about, but it's been deprecated.
> start menu, no file manager or is the ui too integrated into the OS
Windows Phone [3], Windows IoT [4], and Xbox are all NT-based, and none of them include a traditional file manager or shell, but they all do have GUIs.
[0]: https://hub.docker.com/r/microsoft/windows
[1]: https://en.wikipedia.org/wiki/Windows_Preinstallation_Enviro...
[2]: https://learn.microsoft.com/en-us/previous-versions/windows-...
https://learn.microsoft.com/en-us/windows-server/get-started...
Why don't you use it ?
2. Because what I want doesn't exist. Windows NT has excellent technical foundations, but I really don't like using Win32 or any of the Windows shell stuff, but there's no way for regular consumers to use Windows NT without Win32. (WSL exists, but that still requires a full Windows installation)
3. The ecosystem. Linux tends to have much better support than Windows for the types of software that I use, and a hypothetical GNU/NT hybrid would have even worse than both Windows and Linux.
(We went to the same university, ive never worked with him and actually worked at a competitor for about twenty years, but know plenty of folks who have worked with him and am fairly familiar with his work and research)
A guiding metric on lines of code. How could this possibly go wrong?
Maybe the plan is not testing because they think that Rust is "safe" and automatic translation is smarter than a typical Microsoft employee.
"Our strategy is to combine AI and Algorithms to rewrite Microsoft’s largest codebases. Our North Star is ‘1 engineer, 1 month, 1 million lines of code.’"Anyone who has experience with LLMs knows that strong typing, static validation, and testing is how you get the most out of codegen. The kind of thing Rust is for. I can think of ways to do this gradually, that would actually work.
It's something that would take years to see effects in a C++ codebase but I think the alternative of sticking with C++ is a dead end.
Somewhat relevant: I chuckled at this (quite accurate) 2 hour overview of the unfixable problems with C++: https://www.youtube.com/watch?v=7fGB-hjc2Gc.
Unreliable source: I worked at Microsoft (on C++) many years ago and I've been writing C++ on/off for ~15 years.
“If it compiles, it is probably correct” is a major aid if you do not actually understand what the code is doing. AI and the compiler could be powerful partners.
Word and Excel almost certainly have 30 year old C++ code that #must-not-be-touched, bugs and all.
Are they going to upstream their changes to the Google Chrome-codebase?
Most anything related to “intrusive linked lists” is difficult or outright impossible in safe Rust, but is commonly used in operating system code.
What can go wrong? Yikes...
The post is clearly aimed at self-promotion. The guy is basically referring to mundane things like using transpilers to generate Rust from C. Those have been around for a few years now, such as C2Rust[1]. At best, this sort of project is looking for corporate backing to politically handle this sort of migration.
At this point this sort of stunt is hardly technical, and instead it's something between a publicity stunt and managing technical debt.
C2Rust is not going to be very idiomatic.
That's irrelevant when discussing migrating large volumes of code. The hard part is migrating the project to another tech stack and setup proper test coversge. After that point, nice-to-haves such as idiomatic code is treated as mundane maintenance work.