Yesterday, the Code Red virus infected over 225,000 servers worldwide causing disruption in service and in many cases, destruction of web files., a web-based small business service & resource provider, had to bring their servers down for almost three hours. ?We are happy that none of our data was touched, because it rests in another server protected against viruses such as this and none of our websites were damaged either,? said Michael Banner CEO.

It has been reported that the virus or worm was named ?Code Red? because it was discovered by technicians, who were drinking at the time a new drink by Mountain Dew, named Code Red. It has also been reported that the name was coined because of evidence that it originated from China.

The Code Red ?worm? infects computer servers that use Microsoft?s Internet Information Server (IIS) software, which is part of newer versions of Windows NT. Over 6 million servers are using this software. Once it enters a computer server it defaces its web page files and posts text messages such as, ?Welcome to! Hacked by Chinese!? Some sites that weren?t damaged had their pages redirected to a false site that had similar text. Additionally, infected servers were set to send out 400MB packets of information at 8:00 PM (Washington, DC) time to the website, with the obvious intention of bringing the Whitehouse?s computers down. White house officials said they averted disaster, by changing their server?s IP address before it could happen.

The worm spread by randomly selecting 100 IP addresses at a time, scanning the computers for the Microsoft system and then spreading only to those computers. Only computers with the IIS system were targeted because of a recently discovered vulnerability in the software. Code Red also seems to have defaced only English-language servers.

Microsoft actually provided a patch for its software to protect against its vulnerability a few weeks ago, but very few servers had downloaded the patch. The patch is available on Microsoft?s website, It has been said that eventually every one of the IIS servers will be compromised if the patch is not added to their systems.