Code Red Round 2: Infected Servers Piling Up

An organization monitoring the number of servers infected by the Code Red Worm was reporting Thursday afternoon that the total nearly rivaled all the servers infected in the worm's first round.

The SANS Internet Storm Center reported that 276,237 servers were infected Aug. 1. In its original July outbreak, the worm infected 280,391 hosts, according to the center.

The Code Red worm affects Internet Information Server/Services version 4.0 and 5.0 running on Windows NT and Windows 2000. Once a machine is infected, it spends the first 19 calendar days of the month scanning other machines for vulnerability to infection. The next nine days are dedicated to a denial-of-service attack against the White House Web site.

The worm emerged in mid-July but only ran wild for a few days or a week before its self-coded date for cutting off its port scanning activity. The vulnerability it relies upon in IIS was discovered and patched in June.

U.S. government agencies, security organizations and companies unleashed a massive education campaign in late July to try to get system administrators to patch their systems before the worm resurfaced at the beginning of this month. Some observers say many of the IIS systems infected in this most recent outbreak are located in Asia.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Performing a Storage Refresh on Windows Server 2016, Part 1

    To spruce up some aging lab hardware, Brien decided to make the jump to all-flash storage. Here's a walk-through of the first half of the process.

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.