• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Resources
  • SMB Spotlight
  • Newsletters
  • Sign in
  • Events
    • Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Resources
    • V3resources 120x194
      Network Security Forensics For GDPR Compliance

      An effective network security forensics strategy can assist an organization in providing key compliance-related details as part of any post-incident GDPR investigation.

      Download
      V3resources 120x194
      10 ways to increase productivity with managed Office 365

      For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

      Download
      Find resources
      Search by title or subject area
      View all resources
  • SMB Spotlight
  • Sign in
  •  
    •  

      You are currently accessing V3 .co.uk via your Enterprise account.

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      • Sign in
     
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    You are currently accessing V3 .co.uk via your Enterprise account.

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    • Sign in
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Security

Code Red plague on the rampage

Code Red is spreading like wildfire and is attacking more than just the server.

  • James Middleton
  • 20 July 2001
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

The Code Red worm, which began its trail of destruction earlier this week, is spreading fast and this morning defaced Microsoft's Windows update site.

The knock-on effects from this fast-spreading IISS server worm are causing more problems to network kit because it attacks anything that uses HTTP, including Linux servers and printers.

Earlier this morning [Friday], windowsupdate.microsoft.com was defaced with the worm's characteristic statement: "Hello! Welcome to http://www.worm.com! Hacked by Chinese!"

Microsoft has since fixed the hack, but suffered the embarrassment of revealing that it did not update its own servers with the latest security patches.

The Code Red worm exploits a known buffer overflow vulnerability in the ISAPI extension in the Index Server of Windows 2000 and XP beta, for which Microsoft released a patch in June.

Paul Rogers, network security analyst at MIS, suggested that if the Windows update server had been open to this vulnerability for a month now, "who's to say someone didn't break in without doing anything so obvious as defacing the site, and Trojan some of the Windows update files."

He said that knock-on effects from the worm, which is programmed to break into Port 80 and deface a site, were causing other network problems.

Cisco has released an advisory warning that it may affect some of its kit, "and print servers are crashing too," said Rogers. "Basically anything accepting HTTP requests is getting DoS'ed," he added.

The White House, which was the original target for the worm's built-in denial of service command, managed to sidestep the torrent of data by shifting whitehouse.gov to a different IP address.

But Rogers said that as more info is gleaned about the worm, "it seems that it is programmed to lie dormant for some period after this weekend, and that means it could attack again."

The required patch to protect your IIS servers from this worm can be found here.

  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Security

V3 Latest

Citrix launches lawsuit against Workspot over claims of patent infringement
Citrix launches lawsuit against Workspot over claims of patent infringement

Citrix claims Workspot has 'continued to mislead the market' and use Citrix-patented features

  • Cloud Computing
  • 23 April 2018
Researchers develop data transmission technique that could triple broadband speeds
Researchers develop data transmission technique that could triple broadband speeds

Using proven technology from wireless, coax and ADSL/VDSL communication

  • Gadgets
  • 23 April 2018
Government plans crackdown on touts who use automated online tools to buy up tickets in bulk
Government plans crackdown on touts who use automated online tools to buy up tickets in bulk

Touts crowding genuine fans out of the market, claims government

  • Government
  • 23 April 2018
TSB online banking issues lead to customer data leaks
TSB online banking issues lead to customer data leaks

Users complain they haven't been able to access their accounts or withdraw money

  • Networks
  • 23 April 2018
Back to Top

Most read

Citrix launches lawsuit against Workspot over claims of patent infringement
Citrix launches lawsuit against Workspot over claims of patent infringement
AMD Ryzen CPU release dates, specs and price: AMD hints at Ryzen 7 2800X plan to counter 8-core Intel Coffee Lake CPUs
AMD Ryzen CPU release dates, specs and price: AMD hints at Ryzen 7 2800X plan to counter 8-core Intel Coffee Lake CPUs
Oracle: Java SE 8 business users must buy a licence from January next year
Oracle: Java SE 8 business users must buy a licence from January next year
TSB online banking issues lead to customer data leaks
TSB online banking issues lead to customer data leaks
Russia blocks Google IP addresses days after Telegram ban
Russia blocks Google IP addresses days after Telegram ban
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017