Prepare for Code Red to rear its head again

Prepare for Code Red to rear its head again

By William Jackson

GCN Staff

JULY 30—If you thought the Code Red worm was behind you, think again. The federally funded CERT Coordination Center reports that the self-propagating malicious code, which infected as many as 280,000 computers in a matter of hours on July 19, could come back to life at 8 p.m. EDT tomorrow.

According to the advisory posted at, researchers found that the worm is programmed to go into a propagation mode from the 1st through the 19th of each month beginning at midnight Greenwich Mean Time (8 p.m. EDT). Copies of the worm on infected machines scan the Internet trying to connect to TCP Port 80. On servers running unprotected versions of Microsoft Internet Information Server the worm exploits a buffer overflow in the IIS Indexing Service DLL and installs a copy of itself, which begins scanning for new victims.

Although the code is not programmed to launch denial-of-service attacks until the 20th through the 27th of the month, scanning traffic during the propagation phase could slow Internet service and completely block some addresses.

'Our analysis estimates that starting with a single infected host, the time required to infect all vulnerable IIS servers could be less than 18 hours,' the advisory warns.

Because the worm resides in memory, rebooting a server will eliminate it. To protect from being infected, Microsoft Corp.'s patch for Windows NT 4.0 or Windows 2000 Professional, Server and Advanced Server should be downloaded from the company's Web site at and installed.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected