Code Red II Variant on the Prowl
Security experts are watching a new variant of the Code Red II worm that began appearing on some monitoring networks Tuesday. The worm is nearly identical to its ancestor, save for a modified drop-dead date that is now several thousand years in the future.
Known as Code Red.F, the worm uses the same infection method as the previous versions, attacking Web servers running Microsoft Corp.'s IIS software. The worm so far has infected only a few machines, and because most administrators patched their servers after the initial Code Red outbreak in 2001, it is unlikely to spread extensively, experts say.
All of the Code Red worms exploit an unchecked buffer in the Index Server in the IIS software. They then spread by infecting one machine and then scanning a list of random IP addresses and attempting to connect to port 80. The original Code Red, which struck in July 2001, infected several hundred thousand IIS servers and caused massive traffic disruptions on some portions of the Internet.
More at eWeek
- Intel Debuts Long-Awaited Centrino
- Dell fires in Texas, hires in Taiwan
- Centrino-based notebooks starting to be announced
- Nvidia mobile GPU selected for Sharp multimedia notebook
- SiS to introduce new K7-based SiS748 chipset
- VIA releases KN400 chipset for new Athlon XP-M processors
- Bungie Says Halo 2 For Xbox Will Not Ship This Year
- AMD Shows off 12 New Mobile Processors at CeBIT
- OCZ Announces High-Speed Quad Band Memory Modules
- Leadtek Makes Exciting Product Announcements At CeBit.
- Dell Launches D-Family Of Notebooks Featuring Centrino Technology
- Lian Li Announces PC-6070 Silent PC Case
- Toshiba Launches Full Line Of Centrino Notebooks
- 3Com Offers New Modular Wireless Access Points Offering Dual Compatibility
- ATI unveils updated Mobility Radeon 7000 IGP notebook chipset
- Toshiba unveils 2Gbit NAND flash
- Iomega Announces new CD-RW External Drive 52x24x52x USB 2.0
- ATI Introduces Mobility Radeon 9600 Family
