If possible, disable the caching of secure pages in your browser.
Kill the Code Red Worm
July 19, 2001
The Code Red Worm, a new Internet worm designed specifically to compromise computers running Microsoft's Web server software may have already infected several thousand machines. Fortunately security professionals have discovered a way of snuffing out the worm: simply reboot the computer.
The worm infects the IIS Web server and then may display a message in red letters to visitors: "Welcome to http://www.worm.com ! Hacked By Chinese!"
The malicious program was designed to compromise only servers running the English language versions of Microsoft's Windows NT and Windows 2000 operating systems.
The worm may also create 100 random IP addresses and scan them for vulnerable IIS servers. As each copy of the Code Red Worm creates its list of random IP addresses from the same source, therefore some unlucky non-ISS servers located in the initial IP address range could suffer a denial of service(DoS) attacks.
The owners of machines running Windows NT 4.0 with IIS 4.0 or IIS 5.0 enabled, Windows 2000 Professional, Server, Advanced Server and Datacenter Server, or beta versions of Windows XP are recommended to get the patch from Microsoft advisory: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
Kill the Code Red Worm
