|
Just a Heads up. There is a new worm on the loose
that will deface sites served by IIS with the phrase:
"HELLO! Welcome to http://www.worm.com! Hacked By
Chinese!"
This affected one of our clients, and the quick
fix was to patch the server.
At this point it is unclear how the worm changes
IIS. It did not actually change the documents themselves, but rather
caused IIS to serve the same message for any document requested.
After patching and restarting the server, the
defacements disappeared.
I do not yet know how to eradicate the worm from
the machine.
I found some helpful info here: http://www.eeye.com/html/Research/Advisories/AL20010717.html
and a news bite here:
And the IIS patches are here: http://windowsupdate.microsoft.com/
Paul
|
- Re: Code Red Worm attacks IIS Paul
- Re: Code Red Worm attacks IIS Ben Johansen
- RE: Code Red Worm attacks IIS Walker, Buddy
