Despite preventative measures by college house information technology advisors, the Code Red II worm has continued to infect about 140 computers on the Penn network.
The Code Red II attacks computer hard drives, slowly destroying the entire operating system while simultaneously making all of a computer's information available on the Internet -- including passwords, files and any other saved information.
Windows 95, 98 and Millennium Edition as well as the Macintosh and Unix operating systems are not vulnerable to attack.
Dave Millar, the University's information security officer, is asking all students on the Penn network to install Norton Antivirus, run a full system scan and clean up their systems as soon as possible.
"Since there are no apparent warning signs, people need to stay up to date," Millar said "If they haven't applied the patch, it's probably only a matter of time before they will be infected and then they are looking at rebuilding their entire system."
The Code Red II is much more difficult to remove than its predecessor, the Code Red, which began infecting systems last June, requiring an entire reinstallation of the operating system.
All students on the Penn network will need to download and install a patch available from the Microsoft Web site. The patch fixes the Microsoft programming error that allows the worm to enter the system.
If College House Computing detects an infected machine, they have to disable the Penn network port to prevent the machine from further spreading the worm.
According to Millar, about 40 ports have been disabled thus far in residential areas and throughout campus.
Upon returning to campus this fall, all information technology advisors were trained in Code Red prevention, a tactic that proved successful in Hill College House.
"When we had our ITAs go through to peoples' rooms setting up antivirus programs we had them prepared to do updates on people's computers for Code Red," said Jonathan Doloff, computing manager at Hill College House. "We also set up an ITA security checklist on how to set up [Microsoft] Outlook and other e-mail systems."
Frank DePaoli, the computing manager of Harrison College House, has seen few problems with Code Red, but believes it to be a result of upperclassmen often using older operating systems.
"This statistic is by no means constant," DePaoli said. "When a virus hits campus, it will hit very hard. We may not have a computer infected with Code Red today, but we may have 50 computers infected tomorrow. We just try our best to minimize the spread of the virus."
According to information released by Microsoft, Code Red II borrows from the premise of the earlier worm, exhibiting no overt warning signs but randomly attacking individual systems within a targeted network, such as the PennNet system.
The worm proliferates by selecting random computers on a server. If the worm continues to spread, the selected network becomes congested, slows down and could eventually face a shutdown.
Unlike the viruses that have invaded Penn computers in the past, this "worm" can spread without any action on the part of the user.
Whereas many viruses, such as the "Romeo Virus" that have spread through campus in recent semesters, require the user to open an e-mail attachment--the worm capitalizes on a Microsoft programming hole in the Windows 2000 and Windows NT operating systems.
