Editing Code Red (computer worm) (section)

===Exploited vulnerability===
The worm showed a vulnerability in software distributed with IIS, described in Microsoft Security Bulletin MS01-033 (CVE-2001-0500),<ref>[https://web.archive.org/web/20060831221910/http://www.microsoft.com/technet/security/bulletin/MS01-033.mspx MS01-033 "Microsoft Security Bulletin MS01-033: Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise"], Microsoft Corporation, June 18, 2001</ref> for which a patch had become available a month earlier.

The worm spread itself using a common type of vulnerability known as a [[buffer overflow]]. It did this by using a long string of the repeated letter 'N' to overflow a buffer, allowing the worm to execute arbitrary code and infect the machine with the worm. Kenneth D. Eichman was the first to discover how to block it, and was invited to the [[White House]] for his discovery.<ref>{{cite web|url=http://news.cnet.com/2009-1001-270471.html|title=Virulent worm calls into doubt our ability to protect the Net|last=Lemos|first=Rob|work=Tracking Code Red|publisher=CNET News|url-status=live|archive-url=https://web.archive.org/web/20110617101100/http://news.cnet.com/2009-1001-270471.html|archive-date=June 17, 2011|access-date=March 14, 2011}}</ref>