JS.Fortnight is an Internet worm that uses infected emails with hidden links to an Internet Web page from which it downloads its infected code.
Infected messages contain a hidden link to a Web page containing the
The worm uses the Microsoft VM ActiveX security vulnerability for which Microsoft released a security patch three years ago.
More information about this vulnerability and the patch for it is
The Fortnight worm uses a cookie named “TF” to mark infected computers. If this
Next the worm copies the default signature of Outlook Express 5.0 to the
The Fortnight worm creates 3 links in the “Favorites” folder:
"SEXXX. Totaly Teen.url" "Make BIG Money.url" "6544 Search Engines Submission.url"
Fortnight installs two cookies that act as infection marks.
The site that contained the worm’s body was blocked as soon as the worm
The Fortnight.f worm creates 3 links in the “Favorites” folder:
"Nude Nurses.url" "Search You Trust.url" "Your Favorite Porn Links.url."