The Code Red virus is a worm virus. The worm is designed to spread the first 20 days of each month and has the potential to disrupt business and personal use of the Internet for applications such as electronic commerce, e-mail and entertainment.

What does the Code Red Virus do?

The worm scans the Internet, locates vulnerable systems and infects these systems by installing itself. Each newly-installed worm joins the others. The uncontrolled growth in scanning slows the speed of the Internet and can cause sporadic but widespread outages.

The virus takes advantage of a defect in Microsoft's Internet Information Services (IIS) software. It affects only computers with the IIS Web server software and Windows NT or 2000 operating systems. Windows 95, Windows 98 and Windows Me operating systems are immune. Therefore, most personal computers in the home cannot be infected. Those users who have computers that have been infected should reboot the machine and install the appropriate Microsoft software patch.

For Windows NT 4.0: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30833
For Windows 2000 Professional, Server and Advanced Server: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30800
Detailed instructions to use the patches can be found below.

What is AT&T Broadband Doing About the Code Red Virus?

We're closely monitoring our network and keeping a close eye on how our customers are being affected by the Code Red II computer virus. Our engineering team is running scans of the network to identify infected users. After the scan, AT&T Broadband will alert affected customers to assist them in ridding their computer(s) of the virus.

How Does the Code Red Virus Affect AT&T@Home Customers?

You may experience slow connection speeds due to the Code Red II virus traffic across the AT&T Broadband network.

Please note that AT&T Broadband customers are not being affected any differently than DSL or dial-up users. However, the virus can ping computers much faster on our high-speed network creating slower customer speeds.

What Should I Do to Protect Myself from the Code Red Virus:

Customers who have computers infected with the Code Red or Code Red II virus should download the Code Red patch from Microsoft.

If you are running a computer(s) with the IIS Web server software and Windows NT or 2000 operating systems, take these steps to protect computers:

Download the patch
Disconnect from the Internet (see additional instructions below)
Reboot your computer
Run the patch program
Restart your computer again
To properly connect and disconnect your computer from the Internet:

Shut off your computer
Unplug the cable modem from its power supply
Wait approximately 30 - 40 seconds
Plug the cable modem back into the power supply
Turn your computer back on
For more information about online security, please visit our AT&T Broadband Security Web site.The site has detailed information about online security and how to protect your high-speed cable Internet service connection.

Filtering Port 80 Q&As

Why is AT&T Broadband and Excite@Home Filtering HTTP Port 80, and how Does Filtering that Port Prevent the Code Red Virus from Spreading?

In an effort to alleviate the spread of the Code Red and Code Red II viruses on the AT&T Broadband High-Speed Cable Internet Network, AT&T Broadband and Excite@Home are indefinitely filtering all incoming traffic on http port 80 for residential customers.

Since the virus infects computers with the IIS Web server software and Window's NT or 2000 operating systems, the blocking of port 80 traffic is one of the first steps in containing the Code Red viruses on the Excite@Home and AT&T Broadband networks. Containing the Code Red viruses will assist in restoring the AT&T@Home service to the standard our customers have come to expect.

How does the Port 80 filter affect customers?

Blocking of inbound port 80 traffic only affects residential customers that are hosting Web servers with their cable modem. Residential customers that subscribe to Excite@Home Webspace or AT&T@Home Personal Pages and are not hosting a Web server are not affected by the filter.

Are Customers Who Subscribe to AT&T Broadband Business Services Affected by the Port 80 Filter?

The Port 80 filter only affects AT&T@Home residential customers.

Why Can't AT&T@Home Residential Customers Run Web Servers?

The @Home residential service offering is a consumer product designed for your personal use of the Internet. Customers must ensure that their activity does not improperly restrict, inhibit, or degrade any other user's use of the Services, nor represent (in the sole judgment of @Home) an unusually large burden on the network itself.

The benefits and privileges available from the AT&T@Home, and the Internet in general, must be balanced with duties and responsibilities so that other customers can also have a productive experience.

Under the terms of the Excite@Home Acceptable Use Policy, the running of Web servers on a residential AT&T@Home account is not permitted. See Bandwidth, Data Storage and Other Limitations in the Excite@Home Acceptable Use Policy.

*AT&T Broadband does not provide support or endorse most third party applications. If you have questions, concerns or problems with a third party software application, you will need to contact the software manufacturer. In no event shall AT&T Broadband, its agents or officers be liable for any damages whatsoever (including, without limitation, damages to computer Hardware or Software) arising out of the use of or inability to use the Software mentioned above, even if AT&T Broadband has been advised of the possibility of such damages.