Code Red Worm

The CODE RED worm is a malicious piece of software that replicates and propagates to unpatched Microsoft IIS webservers running on Windows NT or 2000. Once the worm has infected a machine it begins scanning random IP addresses looking for other IIS servers to infect. The worm is currently estimated to have infected at least 50,000 servers and is spreading fast. The scanning traffic generated by the worm is now causing denial of service effects on many networks. An analysis of the worm's programs indicates that all infected machines will begin waging a flooding attack against www.whitehouse.gov sometime tomorrow (July 20th). The effect of this many machines operating in concert in a DDoS attack could possibly be devastating to the Internet infrastructure. Please visit the following URL for information and patches from Microsoft. http://www.microsoft.com/technet/security/bulletin/MS01-033.asp