"Worms and viruses often target specific
vulnerabilities in common software. But what if the terms were
reversed? Rather than attacking the vulnerability of software for
malicious purposes, what if the worm or virus actually attempted to
secure the software by applying a patch? Like it or not, it is

On September 1, someone posted to BugTraq the code to Code
Green. The code, which ostensibly fixes systems that are still
infected with the Code Red virus, was left for users to assemble
and use--if they wanted. The author, Herbert HexXer, added the
following: "I will not take responsibility for any damage that
might be caused by this code. Be sure to have understood the code
and it's [sic] purpose before beginning to play with it." Another
post included the code for CRclean, which was deliberately broken
by its author, Markus Kern. Both were intended to force the issue:
either you patch your system, or I will find a way to do it for

THE PATCH for the .ida vulnerability that Code Red exploited
existed for some time, yet a number of IIS servers (for whatever
reason) remained unpatched. As I write this, yet another primary
color worm, Code Blue, is attacking IIS servers that have not
patched the Web Server Folder Directory Traversal vulnerability.
The existence of Code Green and CRclean demonstrates the desire by
some to begin automating the process of installing patches. As with
any innovation, there are pros and cons."