Quiz Entry - updated: 2026.07.05
What was the Morris Worm and what did it demonstrate about buffer overflows?
The 1988 Morris Worm was the first major internet worm; by exploiting buffer overflows in Unix services it proved such bugs could give remote code execution and take down machines network-wide.
The Morris Worm (1988) was the first major internet worm, written by Robert Morris as an experiment to estimate internet size. It spread using:
- Dictionary attacks on weak passwords
- Buffer overflow exploits in Unix services (fingerd, sendmail)
What went wrong: A bug caused it to reinfect machines repeatedly, consuming all resources and crashing ~6,000 computers (~10% of the internet at the time).
Security significance:
- Demonstrated that buffer overflows could achieve remote code execution
- Showed that a single vulnerability could have cascading network-wide effects
- Led to creation of CERT (Computer Emergency Response Team)
- First prosecution under Computer Fraud and Abuse Act
The Morris Worm proved that theoretical vulnerabilities could cause real-world catastrophic damage.
Go deeper:
Morris worm (Wikipedia) — corroborates fingerd/sendmail exploits, ~6,000 machines, CERT, first CFAA conviction.