Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- May 14, 2002
- Updated:
- May 15, 2002 2:21:34 PM
- Systems Affected:
- Windows 98, Windows 95, Windows Me, Windows NT, Windows 2000
JS.Fortnight is a worm that replaces the user's default Outlook Express signature file with one containing a link to a website hosting the worm's code in a hidden iframe. This website exploits the Microsoft Virtual Machine com.ms.activeX.ActiveXComponent Arbitrary Program Execution Vulnerability (Microsoft Security Bulletin MS00-075, Bugtraq ID 1754), allowing the worm to execute on the local system.
The worm's payload simply resets the Internet Explorer and Netscape Navigator home pages to an adult website and adds three links to the Favorites folder.
The worm's payload simply resets the Internet Explorer and Netscape Navigator home pages to an adult website and adds three links to the Favorites folder.
