The first reports of the “Code Red” worm were made last week
when it was detected by network administrators. The worm takes
advantage of a security hole in Microsoft software, which the
company had acknowledged in June when it issued a patch to users so
that their systems would not be vulnerable to attack.
An advisory report has been issued by the Computer Emergency
Response Team Co-ordination Center (“CERT”) warning that a
successful attack may have knock-on effects for the entire
internet. It reads:
“In addition to web site defacement,
infected systems may experience performance degradation as a result
of the scanning activity of this worm.
“Non-compromised systems and networks that
are being scanned by other hosts infected by the "Code Red" worm
may experience severe denial of service. This occurs because each
instance of the "Code Red" worm uses the same random number
generator seed to create the list of IP addresses it scans.
Therefore, all victim hosts scan the same IP addresses.”
Reports have also been made of a second worm named “SirCam” that
has the ability to pick individual documents from the “My Document”
directory in Windows software and then to send it to all entries in
the users e-mail address book. This poses a clear threat to user
privacy and organisations have been advised to ensure they have
strong e-mail security policies in action to prevent its further
spread.
