Microsoft Points to Old Patch for Code Blue Protection -- Microsoft Certified Professional Magazine Online

Microsoft Points to Old Patch for Code Blue Protection

By Scott Bekker
09/13/2001

Microsoft Corp. directed users of its Web server software to a year-old patch for protection against the recently discovered Code Blue vulnerability -- a worm with a limited presence in the wild.

"We've received a number of queries from customers regarding a newly reported worm called Code Blue. Although there are no indications at present that the worm is widespread in the wild, customers can easily protect their systems against it," Microsoft said in a statement on its Web site.

The vulnerability in Internet Information Services exploited by Code Blue was patched in Microsoft's 78th security bulletin of 2000.

Any server with that patch, either of Microsoft's cumulative IIS patches this year, the Windows 2000 Service Pack 2 or the Windows NT 4.0 Security Roll-up Patch is already protected, Microsoft said.

Symantec reported that Code Blue or W32.BlueCode.Worm was discovered Sept. 7. The worm damages unpatched Windows NT and Windows 2000 servers by causing system instability and comprosing security settings.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Register! Top 5 Hybrid AD Management Mistakes and How to Avoid Them