8 August 2001

The Code Red virus is a worm that exploits a defect in Windows NT and 2000. The major concerns about the Code Red virus are that it can be can be used to launch a Denial of Service attack and that it can allow others to take control of an infected computer. If you have an Windows 2000/NT Server running Internet Information Server you must install the repair patch from Microsoft.

The majority of computer users don't need to worry about Code Red, the biggest risk is that your favourite web site may be a victim of a denial-of-service attack. Much more relevent to Windows users is the Sircam virus. This little beast has been doing the rounds for a few weeks now and just keeps coming back.

Sircam is another example of the social-engineering tricks that the more sophisticated virus writers are using. It grabs a file from the victims computer, infects the file, attaches it to an e-mail using the file's title for the subject line, then sends the e-mail to everybody in the victims address book. There is a twenty percent chance of it deleting all your files on October 16 as well!

If you do catch it, download the free removal program from Symantec.

While the infected attachment appears as a document title, it is actually a pif or com file. So the icon should give away what it actually is. It is difficult to think of a situation when you would be e-mailed one of these files for a legitimate reason, so don't open them. Even more so when the attachment is pretending to be something else.

Being on your guard is important to avoid being fooled into opening one of these files. It is also important to have an anti-virus program and to keep it up to date. Try to update your anti-virus program every week and always be suspicious of e-mail attachments. Look closely at them before opening them.