Skip navigation




Anti-virus specialist F-Secure is warning companies to download and install
patches to their IIS
servers against a new, more dangerous version of the virus-like Code Red
computer worm, which
has been identified over the weekend.


The new version exploits the same vulnerability in Web servers, but also
gives a hacker remote
control of the computers it infects by leaving a Trojan horse in the system.


One of the under-reported aspects of the Code Red worm was the fact that the
IIS Indexing
Service ISAPI filter vulnerability, which Code Red exploited, can also give
system-level access
to an intruder. This means that all Code-Red-infected machines are an easy
target for a
cracker -- using an off-the-shelf attack script available from the Web.


With the new Code Red variant, it's even easier to gain remote access to
infected machines.
Instead of trying to infect any site across the internet, it concentrates on
spreading locally.
It is difficult to detect and more complicated to remove than Code Red.


F-Secure say that computer users running Microsoft IIS webserver software
are vulnerable to
the new worm, but systems which were protected from the Code Red worm before
this
weekend cannot be infected.


Patches to protect vulnerable systems can be
downloaded from
http://www.microsoft.com/technet/security/bulletin/ms01-033....

F-Secure: 01223 257747 / http://www.f-secure.com


The Edge Partnership
(+44) 1625 511966 / 511967 (fax)

This press release was distributed by ResponseSource Press Release Wire on behalf of Context PR in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.