The Code Red II worm now spreading through the Internet may leave computer users vulnerable to future attacks from still-unidentified hackers.
A meaner version of the Code Red Internet worm has begun showing up on Chinese computers despite claims last week that Chinese-language versions of the vulnerable operating systems were immune to the virus, a security expert said Tuesday.
"The situation is beginning to move more quickly and spread more widely this week," said a technical support manager at Beijing Rising Technology Corp, a virus protection company.
Rising knew of several dozen Chinese computers which had been attacked by the Code Red II worm, including computers at universities, government agencies and large Chinese companies, he said.
"It's the second member of what appears to be a family," said the manager at Rising, who declined to be identified.
The Code Red II worm -- with the potential to expose sensitive information such as credit card numbers stored on the Internet and also rig computers to launch attacks on other Web servers -- is a new version of the virus that surfaced in July.
It infects computers running Microsoft's Windows NT or 2000 operating systems and its Internet Information Server Web server software.
Last week some security experts said Chinese-language versions of the Microsoft operating systems were immune to the worm, but the Rising expert said it could infect computers using Chinese-language versions.
Reports in Indian newspapers last week said the Code Red worm had been traced to a computer at the University of Foshan in China's southern province of Guangdong.
But a laboratory technician who answered the phone at the university's computer department on Tuesday said he was surprised to learn of the reports because the school had been on vacation since July 6 and was being refurbished.
"All the students are on vacation and we're under construction. Even the electricity is down," said the technician, who gave his surname as Hu.
A free software patch with instructions is available at http://www.digitalisland.net/codered/. The Mercury Interactive Web is also offering free vulnerability scans for Code Red. (http://atsecurecheck.mercuryinteractive.com/codered)
(Agencies 08/07/2001)
