A dangerous variant of the Code Red worm which enables hackers to
control infected systems could cause chaos on the Internet, the
Home Office has warned.
The new version exploits the same vulnerability found in Microsoft
Internet Information Server versions 4.0 and 5.0 as the previous
worms but also deposits a Trojan that can enable hackers to gain
control of the system.
The new worm spreads up to six times faster than earlier versions
and finds targets by looking for other systems in the same locality
as the infected system.
The existing patch for the two earlier versions of the worm will
still protect systems but a second patch is needed for those
already infected by the Trojan.
"Depending on how the Trojan is exploited, far more serious
disruption is possible," warned the Home Office's Unified Incident
Reporting and Alert Scheme. "It could be used to used to attack the
Internet infrastructure or to target specific sites."
Further information
http://www.microsoft.com/technet/security/bulletin/ms00-052.asp