Code Red II is more malicious than its predecessor
August 7, 2001
A new and possibly more malicious version of the "Code Red" computer worm is rapidly spreading in the wild using the same means of compromise as the original Code Red.
So called "Code Red II" targets the Microsoft Indexing Server/Indexing Services ISAPI Buffer Overflow vulnerability. But this worm has been designed to scour far more IP addresses than its predecessor -- allowing it to spread much further -- while at the same time causing more data to sent across networks. It also creates backdoors on every server it compromises that allow an attacker to remotely access that server. As with "Code Red", only web servers are vulnerable -- home computer users are generally immune.
Machines that had already been "patched" with Microsoft software aimed at thwarting the worm were not vulnerable to the new "Code Red", computer experts of Eye Digital Security said.
Code Red II is more malicious than its predecessor
