Information on the Code Red worm

July 16, 2001

The Code Red worm has been spread across the Internet. Currently there are two variants of the worm, known commonly as Code Red I and Code Red II.  The worm attacks Windows NT, 2000 and XP computers running IIS 4.0 and 5.0 by exploiting a known security exploit in IIS.  This worm does not affect users running Windows 95, 98, ME, or non-Windows operating systems (Mac OS, Linux, etc.).    For a more technical description of the worm and the security exploit, please visit SARC's website.  SARC's website also has links to tools that will determine if your computer is vulnerable and removal tools for the Code Red worm (both variants). Even if your computer isn't vulnerable to the Code Red worm, you should still take measures to protect your computer against other viruses. 

Code Red  (SARC)  -