Hotmail attacked by Code Red II

Attack on Microsoft's own server software causes problems for free email service
Written by Wendy McAuliffe, Contributor

Software giant Microsoft has admitted that some of its MSN Hotmail servers were infected by the malicious "Code Red II" worm this week.

Microsoft released a patch to protect servers from the Code Red virus six weeks ago, but its free email service was embarrassingly caught out by the more virulent successor to the worm, usually referred to as Code Red II, earlier this week. The company has said that no personal information about customers was compromised in the attack, and that the attack did not affect the service's availability. However, some users reported difficulties sending messages through Hotmail at around the time of the attack.

"There were a few MSN servers affected by the Code Red worm virus that were promptly removed from the MSN Hotmail environment," said a spokeswoman at Microsoft. "No customer data was compromised, and all users should still be able to access the Hotmail service in a secure fashion."

The second-generation Code Red worm -- which surfaced last weekend -- spreads through a hole in Microsoft's Internet Information Server (IIS) Web software running on Windows NT and 2000 computers. It leaves a "back door" on infected computers that advertises their vulnerability by scanning Web-connected machines, sometimes launching coordinated attacks on other parts of the Internet.

Microsoft has now released a patch to block the vulnerability that Code Red II exploits, and network administrators must remove the back door from their systems and reformat and reinstall all software.

"Our understanding of the variant is that it is highly effective and has a greater potential to affect systems," added the Microsoft spokeswoman.

The original Code Red worm is reported to have infected 250,000 servers at its peak last week, but its more malicious variant has caused Internet outages across the world in the last few days.

See the Viruses and Hacking News Section for the latest headlines.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards