1. /
  2. Security Response/
  3. JS.Fortnight

JS.Fortnight

Risk Level 1: Very Low

Discovered:
May 14, 2002
Updated:
May 15, 2002 2:21:34 PM
Systems Affected:
Windows 98, Windows 95, Windows Me, Windows NT, Windows 2000
JS.Fortnight is a worm that replaces the user's default Outlook Express signature file with one containing a link to a website hosting the worm's code in a hidden iframe. This website exploits the Microsoft Virtual Machine com.ms.activeX.ActiveXComponent Arbitrary Program Execution Vulnerability (Microsoft Security Bulletin MS00-075, Bugtraq ID 1754), allowing the worm to execute on the local system.

The worm's payload simply resets the Internet Explorer and Netscape Navigator home pages to an adult website and adds three links to the Favorites folder.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver