1. /
  2. Security Response/
  3. JS.Fortnight.C


Risk Level 1: Very Low

July 2, 2003
February 13, 2007 12:03:22 PM
Also Known As:
JS/Fortnight@M [McAfee], JS.Fortnight.b [KAV], JS/Fortnight-D [Sophos], JS_FORTNIGHT.D [Trend]
Trojan Horse, Worm
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows NT, Windows XP

JS.Fortnight.C is a Trojan Horse that drops a file, which is then inserted into the default signature of Microsoft Outlook Express. Following this, every time you send email using Outlook Express, the message will contain code that will attempt to go to a specific Web site when the recipient opens the email message.

JS.Fortnight.C exploits a Microsoft VM vulnerability using IFRAME tags, with the SRC field set to the address of the Trojan's creator. After a series of redirections, an encoded JavaScript will load an applet containing the exploit. On unpatched systems, various registry keys and Web browser settings will be modified.

NOTE: Virus definitions dated prior to July 3, 2003 may detect some files as JS.Fortnight.

Antivirus Protection Dates

  • Initial Rapid Release version July 3, 2003
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version July 3, 2003
  • Latest Daily Certified version February 9, 2011 revision 036
  • Initial Weekly Certified release date July 9, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Scott Gettis

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report