Code Red: July 2001 / August 2001

Spread by buffer overflow on Microsoft IIS webserver

Added a root-level backdoor to the system

Code Red I: spreads by random scanning

Code Red II: by localized random scanning