1. /
  2. Security Response/
  3. CodeRed Worm

CodeRed Worm - Removal

Risk Level 2: Low

Discovered:
July 16, 2001
Updated:
February 13, 2007 11:36:53 AM
Also Known As:
W32/Bady, I-Worm.Bady, Code Red, CodeRed, W32/Bady.worm
Type:
Worm
Systems Affected:
Microsoft IIS
CVE References:
CVE-2001-0500 CVE-2001-0506

Symantec Security Response has created a tool to perform a vulnerability assessment of your computer and to remove the CodeRed Worm and CodeRed II.

If for any reason you cannot use or obtain the CodeRed removal tool, manually remove this worm.

Manually removing the worm
  1. Download, obtain, and apply the patch from the Web site, http://www.microsoft.com/technet/security/bulletin/MS01-033.asp.

    Alternatively, you can download and install the Cumulative Patch for IIS available at: http://www.microsoft.com/technet/security/bulletin/MS01-044.asp.

  2. Restart the computer.


Writeup By: Eric Chien

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver