Win 2k Worm Protection

Discussion in 'Trading Software' started by Hoyler, Jul 30, 2001.

  1. Hoyler

    A simple review of the directions offered at http://www.microsoft.com reveals whether or not you are using a vulnerable version of Win 2k.

    -Hoyler
     
  2. Lancer

  3. Babak

    This is a virus that targets servers!!

    Sheesh!

    Unfortunately the headline loving media has once again preferred sensationalism to truthfully telling a story.

    If you have one computer that connects to the internet (and is not a server), you need to calm down!! This thing is not going to attack you.

    (doesn't mean I still don't run a firewall + up-to-date anti-v)
     
  4. Lancer

    The CodeRed Worm affects Microsoft Index Server 2.0 and the Windows 2000 Indexing service on computers running Microsoft Windows NT 4.0 and Windows 2000 that run IIS 4.0 and 5.0 Web servers. The worm uses a known buffer overflow vulnerability contained in the file Idq.dll.

    Some FAQs:

    What causes the vulnerability?
    The vulnerability is the result of an unchecked buffer in an ISAPI Extension associated with Index Server in Windows NT 4.0 and Indexing Service in Windows 2000. By sending a specially constructed request to the ISAPI extension, an attacker could cause code to run on a web server in Local System context.

    What are Index Server and Indexing Service?
    Index Server 2.0 and Indexing Service are full-text search and indexing engines for use with Windows NT 4.0 and Windows 2000, respectively. They provide the ability to search data on a web site or a server. This lets users with a web browser search for documents by entering keywords, phrases or properties.

    Index Server 2.0 does not ship as part of Windows NT 4.0, but rather is available as part of the Windows NT 4.0 Option Pack. Indexing Service is a native service in Windows 2000, and ships as part of the platform.

    I’m running Windows NT 4.0. Am I vulnerable?
    Default installations of Windows NT 4.0 are not vulnerable. IIS 4.0 does not install as part of Windows NT 4.0 – it must be installed via the Windows NT 4.0 Option Pack. However, if you have installed IIS 4.0 you are vulnerable, as Idq.dll is installed as part of the IIS 4.0 installation process.

    I’m running Windows 2000 Server. Am I vulnerable?
    Default installations of Windows 2000 are vulnerable. IIS 5.0 installs by default as part of Windows 2000 server products, and Idq.dll is installed as part of the IIS 5.0 installation process.

    If I’m running Windows 2000 Professional, am I vulnerable?
    Default installations of Windows 2000 Professional are not vulnerable. In contrast to Windows 2000 Server, IIS 5.0 does not install as part of Windows 2000 Professional. However, if you have installed IIS 5.0 you are vulnerable, as Idq.dll is installed as part of the IIS 5.0 installation process.

    The vulnerability can only be exploited if a web session can be established with an affected server. Customers who have installed Index Server or Index Services but not IIS would not be at risk. This is the default case for Windows 2000 Professional.

    For more information:

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-033.asp