CodeRed triggers workstation virus protection

Steve Bernard sbernard at gmu.edu
Mon Aug 6 22:52:15 GMT 2001


Does anyone know why browsing to an infected IIS server will trigger Norton
Anti-Virus on the client? Have the anti-virus vendors added a signature for
the "Hacked by Chinese" web page to help spread the word? I'm not on a
client that is vulnerable to CR but, I keep getting the advisories as if the
web server is trying to send the worm to my workstation. I hadn't
encountered this before.

Thanks,

Steve



More information about the unisog mailing list