Windows Remote Buffer Overflow Vulnerability and the Code Red Worm
This paper focuses on the behavior of the Code Red (CRv2) and Code Red II worms, discussing how the worms propagated and capitalized on known yet unpatched buffer overflow vulnerabilities. These worms taught system administrators to keep up with their patches.