The Code Red worm 20 years on – what have we learned?
2021-07-15 18:57

That's because July 2001 is when the infamous Code Red computer worm showed up, spread fast, and all but consumed the internet for several days.

Back in 2001, Windows didn't support DEP, short for Data Execution Prevention, so that any code shoved onto the stack could blindly be executed, even though the stack is intended to store data, not code.
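A defender's check that follows from the DEP point above, as an added example that is not from the original article: it reads the `DllCharacteristics` field of a PE header and reports images that were not linked as DEP-compatible (the `NX_COMPAT` bit). The helper names, file names and header-only sample images are constructed for illustration.

```python
import struct

NX_COMPAT = 0x0100   # IMAGE_DLLCHARACTERISTICS_NX_COMPAT, set by the linker's /NXCOMPAT option
DLLCHAR_OFFSET = 70  # offset of DllCharacteristics in the optional header (PE32 and PE32+)

def dll_characteristics(pe: bytes) -> int:
    """Return the DllCharacteristics field, validating each header on the way."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)    # file offset of the PE signature
    if e_lfanew + 24 > len(pe) or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (opt_size,) = struct.unpack_from("<H", pe, e_lfanew + 20)  # SizeOfOptionalHeader
    opt = e_lfanew + 24                                  # signature (4) + COFF header (20)
    if opt_size < DLLCHAR_OFFSET + 2 or opt + DLLCHAR_OFFSET + 2 > len(pe):
        raise ValueError("optional header truncated")
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic not in (0x10B, 0x20B):                      # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    return struct.unpack_from("<H", pe, opt + DLLCHAR_OFFSET)[0]

def is_dep_compatible(pe: bytes) -> bool:
    """True when the image declares itself compatible with non-executable data pages."""
    return bool(dll_characteristics(pe) & NX_COMPAT)

def audit(images: dict) -> list:
    """Return the names of images that lack the NX_COMPAT flag."""
    return sorted(name for name, data in images.items() if not is_dep_compatible(data))

def sample_pe(flags: int) -> bytes:
    """Constructed header-only PE32 image for the demo (not a real binary)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, 0x0102)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 magic
    struct.pack_into("<H", opt, DLLCHAR_OFFSET, flags)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    # Constructed inputs: one image linked with NX_COMPAT, one without.
    images = {"modern.exe": sample_pe(NX_COMPAT), "legacy.dll": sample_pe(0)}
    print("not DEP-compatible:", audit(images))
```

To audit real files, pass the bytes of each executable or DLL in place of the constructed images.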

In the Code Red days, [...] if you could find a stack buffer overflow, it was often very, very little work, maybe half an afternoon's work, to weaponise it, to use the paramilitary terminology that cybersecurity seems to like, and turn it into a workable exploit that could basically break in on any similar Windows system.

The silver lining, if there was one, is that Code Red wasn't programmed to do much damage to the computers it infected.

Once running, Code Red dedicated 99 parallel threads of execution to generating a list of new victim computers and spewing out HTTP requests to all of them.

Amusingly, Microsoft had patched against the Code Red buffer overflow exploit about a month before the attack.


News URL

https://nakedsecurity.sophos.com/2021/07/15/the-code-red-worm-20-years-on-what-have-we-learned/