Code Red Round 2: Infected Servers Piling Up

An organization monitoring the number of servers infected by the Code Red Worm was reporting Thursday afternoon that the total nearly rivaled all the servers infected in the worm's first round.

The SANS Internet Storm Center reported that 276,237 servers were infected Aug. 1. In its original July outbreak, the worm infected 280,391 hosts, according to the center.

The Code Red worm affects Internet Information Server/Services version 4.0 and 5.0 running on Windows NT and Windows 2000. Once a machine is infected, it spends the first 19 calendar days of the month scanning other machines for vulnerability to infection. The next nine days are dedicated to a denial-of-service attack against the White House Web site.

The worm emerged in mid-July but only ran wild for a few days or a week before its self-coded date for cutting off its port scanning activity. The vulnerability it relies upon in IIS was discovered and patched in June.

U.S. government agencies, security organizations and companies unleashed a massive education campaign in late July to try to get system administrators to patch their systems before the worm resurfaced at the beginning of this month. Some observers say many of the IIS systems infected in this most recent outbreak are located in Asia.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft Previews Microsoft Teams for Linux

    Microsoft on Tuesday announced a "limited preview" release of Microsoft Teams for certain Linux desktop operating systems.

  • Hyper-V Architecture: Some Clarifications

    Brien answers two thought-provoking reader questions. First, do Hyper-V VMs have direct hardware access? And second, how is it possible to monitor VM resource consumption from the host operating system?

  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

  • Microsoft Nudging Out Classic SharePoint Blogs

    So-called "classic" blogs used by SharePoint Online subscribers are on their way toward "retirement," according to Dec. 4 Microsoft Message Center post.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.