The first Code Red attack exploits buffer-overflow vulnerabilities in unpatched Microsoft Internet Information Servers, infects an estimated 395,000 computers in one day alone, defaces Web sites and launches Trojan code in a denial-of-service attack against fixed IP addresses, including the White House and Microsoft. The event prompts the director of the FBI's National Infrastructure Protection Center to hold a press conference. A few weeks later, Code Red II surfaces as a variant that tries to infect computers on the same subnet. The Code red assaults raises awareness about patching and pave the way for future worms: SQL Slammer, Blaster, Sobig, Sasser, Netsky and Witty.

CERT advisory on Code Red