HOLE IN IIS SPREADS CORERED WORM
Virus Name : IIS.CodeRed.F
Alias : I-Worm/CodeRed.F, W32.Bady.C,
CodeRed.III, CodeRed.F, W32.CodeRed.Worm
Virus type : Internet
level : Medium
CodeRed.F is a modified variant of original
CodeRed worm. CodeRed spreads
using .ida buffer overflow attack vulnerability
in IIS Web servers. The worm will attack
unprotected IIS servers only. It may slow down the entire
network due to the large scale IP scanning.
Web administrators are
requested to install the security patch provided
by Microsoft. The patch can be downloaded from
the link http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
After installing the
patch, the server should be restarted to remove
active worm from memory.
The worm drops a backdoor program in the
compromised computer. It allows hackers to take full control
over the system. After removing the worm, the compromised
system files should be checked carefully. It is advisable to
restore all the disk contents from the backup.
generated IP addresses to spread. The worm will not write its
copy in the hard disk.
This worm is also known
as I-Worm/CodeRed.F, W32.Bady.C,
How can I protect my
To protect your server
from CodeRed worm attack, web administrators are
requested to install the security patch
immediately. The patch can be downloaded from the
following Microsoft link http://www.microsoft.com/technet/security/bulletin/MS01-033.asp and http://www.microsoft.com/technet/security/bulletin/MS01-044.asp.
After installing the security patch,
restart the system to remove virus from memory.
to remove this worm?
you are already infected with this worm, you can
remove it from your computer using Solo Antivirus
software. Solo antivirus can detect and
remove CodeRed Worm safely. Use the
following link to Download 30 day trial
version of Solo antivirus
remove viruses from your computer.
Solo anti-virus not only
scans for all viruses, it contains a unique System
Integrity Checker to protect you from
New Internet Worms, Backdoors and
malicious VB, Java Scripts. It also
effectively removes all existing Internet Worms,
File viruses, malicious VB, Java scripts,
Trojans, Backdoors, boot sector, partition table
and macro viruses.
purchase Solo antivirus using the link