Microsoft distinguished engineer Galen Hunt has clarified that Redmond is NOT planning to imminently rewrite Windows in Rust using AI-powered code refactoring – after claiming that his goal is to eliminate “every line of C and C++ from Microsoft by 2030” using “AI processing infrastructure.”

In a LinkedIn post shortly before Christmas, Hunt revealed plans to “rewrite Microsoft’s largest codebases,” in the memory safe language Rust: “Our North Star is ‘1 engineer, 1 month, 1 million lines of code,’ Hunt wrote. Microsoft will be using “AI *and* algorithms” to deliver the work, he added.

We’ve built a powerful code processing infrastructure. Our algorithmic infrastructure creates a scalable graph over source code at scale. Our AI processing infrastructure then enables us to apply AI agents, guided by algorithms, to make code modifications at scale. The core of this infrastructure is already operating at scale on problems such as code understanding.” – Microsoft Distinguished Engineer Galen Hunt

But as the post went semi-viral, and questions were raised about the refactoring of large codebases like Window using AI, Hunt updated the post to clarify that “my team’s project is a research project. We are building tech to make migration from language to language possible,” he wrote. “The intent of my post was to find like-minded engineers… not to set a new strategy for Windows 11+ or to imply that Rust is an endpoint…”

See also: Microsoft open-sources UEFI firmware, rewritten in Rust 

In line with both Microsoft’s own “Secure Futures Initiative” and policy-maker guidance (e.g. from the National Security Agency) urging software firms to move towards the use of memory-safe languages, Redmond has been chipping away at portions of its codebase already.

In October 2025, for example, Microsoft open-sourced an implementation of UEFI boot firmware dubbed “Patina” written from the ground up in Rust. 

Patina’s repository describes it as an effort to create a “replacement for core UEFI firmware components so they are written in Pure Rust as opposed to Rust wrappers around core implementation still written in C” – Redmond published it under the “Open Device Partnership”; a group of largely Microsoft engineers currently working on a trio of Rust-centric projects.

The previous year, Microsoft announced the Hyperlight project, an open-source Rust library organisations can use to ‘execute small, embedded functions using hypervisor-based protection for each function call at scale.”

Rewriting Windows in Rust... a piece at a time

Mark Russinovich, CTO, Deputy CISO, and Technical Fellow for Microsoft Azure, meanwhile spoke at 2025’s Rust conference – noted in October that when it came to Rust’s use, “starting with Windows,  one of the first places that we want to focus  Rust is in places where we can't tolerate garbage  collection – and it is security critical software, of course that includes UEFI.”

He added: “When it comes to mainstream Windows, one of the first areas that we said we really want to get Windows moved over from C++ to  Rust… is the DirectWriteCore, which [does] font parsing and font rendering – a common cause of security  vulnerabilities from the start of Windows.  

“Two developers took on this project. In six months they'd ported TrueType with 154,000 lines of Rust code and had  it compiling and running in Rust.”

Russinovich added that Microsoft was also working on porting Win32k to Rust. This core element of Windows is “where the graphics subsystem and the windowing subsystem live.” (That’s the Graphical User Interface or GUI, including window management, graphics device interface or GDI, etc.)

“Both of those have actually been the source of  pretty much non-stop kernel vulnerabilities that have resulted in elevation of privilege problems  for Windows,” Azure’s CTO noted. “It’s like the underground oil repository that is leaking oil  up a few drops at a time just consistently. So we said let's go see if we can start to get Rust  in the kernel starting with the the highest risk  surface area of Windows this part.” Microsoft has now ported GDI region code to Rust – “shipping now officially in your Windows systems.”

Hunt’s post about the use of AI to make this shift appears to have been what attracted most speculative criticism – the top comment under his post sums up that response. Written by former Facebook and Google senior software engineer Wolfgang Grieskamp, it notes that “if you just transpile C/C++ to Rust, you will very likely produce rather inefficient code using refcounts all over, or code which is 'unsafe' in Rust's sense, losing the advantages of the language. This is the painful experience of about everybody who attempted to port an existing code base into Rust. 

“In Rust, you need to carefully reason from the beginning about the ownership of data. This has implications for your data organization as well as some algorithms which propragate [sic] into the system architecture.

“You (or AI) has to design the code from the ground up for the fitting memory ownership model…” Wolfgang Grieskamp

Hunt, meanwhile, is still recruiting for someone to “help build and combine static analysis and ML tools to empower AI-assisted translation and migration tasks across the world’s largest bases. You will work with state-of-the-art LLMs and reasoning models, large code bases, and static analysis algorithms and advanced code parsers to enable AI agents at the largest scales,” a job description shows. Interested? Learn more here.

See also: Specs appeal: LLMs are sloppy coders. Is “Spec-Driven Development” the answer?

The link has been copied!