Redmond has now issued legal threats to anyone who made the tool available for download, but it may be too late to avoid circulation. COFEE was listed on various torrent networks and other locations on the Internet. This move is likely a reflection of Microsoft's anti-piracy agenda more than an effort to prevent distribution. They reinforced their legal threats with requests to hosting companies to pull sites which mirrored the files involved.
At least one site, Cryptome, has already been taken down, and most sites will probably comply with the request voluntarily. The damage has already been done, and new versions of the tool are already in development, which will make the leaked version obsolete.