Discovered: March 19, 2003
Updated: February 13, 2007 11:44:37 AM
Also Known As: JS/Fortnight.b@M [McAfee], JS.Fortnight [KAV], JS_FORTNIGHT.C [Trend]
Type: Trojan Horse, Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
JS.Fortnight.B is a Trojan Horse that drops a file, which is inserted into the default Microsoft Outlook Express signature. Then, every time you send email using Outlook Express, the message will contain code attempting to open a specific Web site when the message is opened.
JS.Fortnight.B also changes the Internet Explorer security settings. It also configures the Web Browser to prepend all the URLs with a specific URL.
This script exploits a known vulnerability in the Microsoft Virtual Machine ActiveX component. For additional information on this vulnerability, refer to:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS00-075.asp.
Security Response recommends installing this patch to remove this security vulnerability.
Protection
-
Initial Rapid Release version March 20, 2003
-
Latest Rapid Release version July 12, 2008 revision 018
-
Initial Daily Certified version March 20, 2003
-
Latest Daily Certified version July 12, 2008 revision 019
-
Initial Weekly Certified release date March 26, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 50 - 999
-
Number of Sites: More than 10
-
Geographical Distribution: Medium
-
Threat Containment: Easy
-
Removal: Easy
Damage
Distribution
Writeup By: Douglas Knowles
