Code Red dead?

The Code Red worm has resolutely refused to destroy the internet following its supposed re-awakening time of midday yesterday.

The Code Red worm has resolutely refused to destroy the internet following its supposed re-awakening time of midday yesterday.

Code Red is a worm that attacks a known hole in Microsoft Internet Information Server (IIS) software versions 4.0 and 5.0. A patch has been available for more than a month, however over 300,000 servers were infected in the first 10 hours of the virus's attack last month.

Concerns that the virus would re-launch at the start of August 1 seem to be unfounded as systems around New Zealand and Australia go unmolested.

Australia's largest website hosting company, Web Central, has reported to The Australian newspaper that it has seen around 200 attempted attacks on its servers "from overseas" but other than that there seems to be little to worry about at this stage.

Anti-virus firm Symantec now claims the worm should not re-awaken on already infected machines.

"The worm can only affect machines that have not been previously infected and still have the vulnerability on the web server," says the Symantec Anti-virus Centre (SARC).

Co-Logic director Arjen de Landgraaf says New Zealand servers are reporting nothing out of the ordinary since the noon kickoff.

The biggest risk seems to now be from any new strain of Code Red - various commentators are warning of the danger of a new payload causing mayhem.

Nick FitzGerald, director of Christchurch-based Computer Virus Consulting, says this could be a real problem in future as Code Red heralds a new problem - administrators not apply security patches rather than end users opening attachments.

Related Story

Code Red Round II won't melt the internet

Join the newsletter!

Error: Please check your email address.

Tags Code Red

More about MicrosoftSymantec

Show Comments
[]