1. Symantec/
  2. Security Response/
  3. JS.Fortnight.C


Risk Level 1: Very Low

July 2, 2003
February 13, 2007 12:03:22 PM
Also Known As:
JS/Fortnight@M [McAfee], JS.Fortnight.b [KAV], JS/Fortnight-D [Sophos], JS_FORTNIGHT.D [Trend]
Trojan Horse, Worm
Systems Affected:

JS.Fortnight.C is a Trojan Horse that drops a file, which is then inserted into the default signature of Microsoft Outlook Express. Following this, every time you send email using Outlook Express, the message will contain code that will attempt to go to a specific Web site when the recipient opens the email message.

JS.Fortnight.C exploits a Microsoft VM vulnerability using IFRAME tags, with the SRC field set to the address of the Trojan's creator. After a series of redirections, an encoded JavaScript will load an applet containing the exploit. On unpatched systems, various registry keys and Web browser settings will be modified.

NOTE: Virus definitions dated prior to July 3, 2003 may detect some files as JS.Fortnight.

Antivirus Protection Dates

  • Initial Rapid Release version July 3, 2003
  • Latest Rapid Release version March 1, 2018 revision 025
  • Initial Daily Certified version July 3, 2003
  • Latest Daily Certified version March 2, 2018 revision 003
  • Initial Weekly Certified release date July 9, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Scott Gettis

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube