The Code Blue virus attacks Microsoft IIS servers by attacking a vulnerability
in the inetinfo service routine. It installs a service "hostc.exe" and can
slow
system response and cause a DoS of the IIS Web server. Further the virus can
drop C:\d.vbs.
This worm may be more persistent than the Code Red II worm in that it also
modifies the registry and adds SVC$hostc.exe to
SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ which causes it to survive
server reboots
This is some VERY preliminary information based on a poorly translated entry
on a Chinese web site.
[^] # Re: Pas facile de trouver des precisions !
Posté par syntaxerror . En réponse à la dépêche Apres le code rouge...le code bleu. Évalué à 10.
The Code Blue virus attacks Microsoft IIS servers by attacking a vulnerability
in the inetinfo service routine. It installs a service "hostc.exe" and can
slow
system response and cause a DoS of the IIS Web server. Further the virus can
drop C:\d.vbs.
This worm may be more persistent than the Code Red II worm in that it also
modifies the registry and adds SVC$hostc.exe to
SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ which causes it to survive
server reboots
This is some VERY preliminary information based on a poorly translated entry
on a Chinese web site.
Donc à prendre avec des pincettes.