The Code Red Virus: What It Is and How to Remove It

A surprisingly simple and dangerous computer worm to learn from

An illustration of the Code Red virus infecting a laptop.

Lifewire / Theresa Chiechi

Worried about contracting the Code Red virus? Don't be. The chances of your computer becoming infected by this worm are slim to none.

The CodeRed Worm is known by multiple names, including W32/Bady.worm; W32/Bady, I-Worm.Bady; Code Red; CodeGreen; CodeBlue and CodeRed II.

What Is the Code Red Virus?

Code Red was a computer worm that appeared in the summer of 2001 and attacked computers running Microsoft's Internet Information Services (IIS) web server. The name came about after it was discovered that the researchers who found the worm were drinking Code Red Mountain Dew at the time. The virus caused billions of dollars of damage to enterprise system computers before it was contained.

How Does the Code Red Worm Work?

Enterprise servers were targeted in the attack, which showed up on the server as a GET /default.ida request on TCP port 80. The intent was to exploit a buffer overflow vulnerability on the server so that the code could run in the memory of the server itself.

Once there, the code caused the display to read HELLO! Welcome to! Hacked By Chinese!, then it tried to spread through additional servers and stop them from working with a denial of service attack. Variations of the worm acted in similar ways.

Can I Catch the Code Red Virus?

Probably not. Computers that were originally infected with this worm stopped propagating it because of its built-in infinite sleep mode. Most antivirus software providers are confident that if the virus is sent out again, re-infection will not wake up previously infected computers. There is potential for it to impact computers that never applied the appropriate patches at the time the worm first appeared and was contained. However, this potential only exists for enterprise systems that were running IIS in 2001.

Today's computers are automatically protected against this specific worm with a variety of updates and code fixes that have been installed on new systems built and sold since 2001.

How Do I Get Rid of This Virus?

There is nothing you can do to eliminate this worm since it is not currently active. Even if it were to become active again, this particular worm doesn't impact personal devices. However, everyone should ensure their computers and smartphones are properly protected against other types of malicious software.

To ensure you are protected, consider using antivirus software. Different types of antivirus and malware protection software can work better on specific devices, so it's important to do your research before you decide which program(s) to use.

How Do I Avoid Getting a Computer Virus?

There are a few key ways in which you can lower your chances of being infected with a computer virus.

  • Always use antivirus software and malware protection. Unprotected computers and smartphones are at the highest risk for contracting worms, viruses, malware and other malicious programs.
  • Consistently update that antivirus software. New virus definitions are released regularly but they can only work if you update when your program tells you to.
  • Block PUPs. Turn on the option to detect Potentially Unwanted Programs (PUPs) in your antivirus software. This will help you catch programs that are attempting to sneak by when you download otherwise safe programs.
  • Know your download source. Always know the legitimacy of the programs and apps you download. Some sites include add-ons that you don't need; that's often how malicious programs slide by you. 
  • Don't use websites suggested by pop up ads. Your computer can be infected by the suspicious websites you might accidentally enter, such as freeware or pirated software sites. Clicking on a supposedly innocent link could lead to an unwanted or malicious program installing itself on your computer. Be careful of websites such as torrenting sites. 
  • Never click on banner ads. When a pop-up banner appears as you browse a website, resist the urge to click on it. If a site inundates you with pop-up advertisements, leave the site immediately.