The virus-writers are getting more ingenious (31/07/2001)
Hard on the heels of the SirCam virus - which randomly selects a file from the user's "My Documents" folder and e-mails it to numerous recipients - comes the Code Red Worm.
This cunning new piece of distributed computing software is able to infect computers running Microsoft's Internet Information Server 4.0 and 5.0 - which means thousands of Web sites and Windows 2000 server installations. The worm scans the Internet for vulnerable systems and once it finds one it installs itself there and helps to probe other Web servers. So the growth rate is geometric - the more systems are infected, the faster other systems can be probed and infected.
Such a distributed computing technique has been used by legitimate organisations - including the Search for Extra-Terrestrial Intelligence - in the past, but this virus is considerably more clever. It can mutate its code to help it avoid detection, for a start, and is likely to be used, along with SirCam, as a template for future viruses.
There is, of course, a preventative patch available (see www.microsoft.com), but that hasn't been around for long, and the majority of vulnerable systems are unlikely to be upgraded before the Worm is due to release its payload - later tonight. So expect the Web to get a lot slower as the power of hundreds of thousands of servers is used against other Web-connected machines.
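The growth pattern described above, and what patch uptake does to it, can be worked through with an expected-value model of a random-scanning worm. This is an added example, not part of the original article; the host count, address space, probe rate and patch rate are constructed assumptions, not measurements of Code Red.

```python
# Added example: expected-value model of a random-scanning worm.
# Every parameter value below is constructed for illustration.

def simulate(vulnerable, address_space, probes_per_step, steps,
             patch_rate=0.0, seed_infected=1.0):
    """Return the expected number of infected hosts after each step.

    vulnerable      -- unpatched, reachable servers at time zero
    address_space   -- number of addresses probes are drawn from at random
    probes_per_step -- probes each infected host sends per time step
    patch_rate      -- fraction of still-susceptible hosts patched per step
    """
    infected = seed_infected
    susceptible = vulnerable - seed_infected
    history = [infected]
    for _ in range(steps):
        # Defenders act first: patched hosts leave the susceptible pool.
        susceptible -= susceptible * patch_rate
        # Chance that one given address receives at least one probe this step.
        total_probes = probes_per_step * infected
        p_hit = 1.0 - (1.0 - 1.0 / address_space) ** total_probes
        newly = susceptible * p_hit
        susceptible -= newly
        infected += newly
        history.append(infected)
    return history


def growth_ratios(history):
    """Step-over-step growth factor; constant while growth is geometric."""
    return [later / earlier for earlier, later in zip(history, history[1:])]


if __name__ == "__main__":
    # Constructed scenario: 300,000 vulnerable servers in a 2**32 address space.
    params = dict(vulnerable=300_000, address_space=2**32,
                  probes_per_step=20_000, steps=30)
    unpatched = simulate(**params)
    patched = simulate(patch_rate=0.10, **params)
    for t in range(0, 31, 5):
        print(f"step {t:2d}  no patching: {unpatched[t]:9.0f}   "
              f"10%/step patching: {patched[t]:9.0f}")
```

In this model the growth factor stays constant only while almost every vulnerable host is still uninfected; it falls towards 1 as the pool is exhausted, and steady patching shrinks the pool the worm can reach before it saturates.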
Tempting as it is to blame Microsoft for yet another security hole, arguably this could happen to any market-leading piece of software, although it has to be said that security problems with Apache (a popular Unix Web server package) are relatively rare. This does, though, mark an interesting new development in virus programming. Using Web servers rather than e-mail clients (such as Outlook) to create devastation is a tactic that could cause real headaches for ISPs everywhere. Blaming users for clicking on attachments is no longer an excuse for lax security. Only regular security patches - or perhaps migration to a more secure host - will keep out malicious code.
In its current form, the Code Red Worm doesn't directly delete files, but there's nothing to stop future versions doing so. Just like real-world viruses, computer viruses are increasingly capable of mutating to become more devastating or harder to find. Until such time as the Internet has its own adaptive immune system, and everyone takes the threat seriously, the amount of havoc wreaked by such code is only going to increase. Perhaps a 'Brass Eye' programme on humans catching viruses from their computers is in order...
