Fortnight worm exploits antique Windows vuln

This should not be happening

Windows users are being infected a JavaScript worm – even though protection has been available for almost three years.

The Fortnight JavaScript worm exploits a vulnerability in Microsoft VM ActiveX which makes it possible for malicious code to execute simply by reading an message in an HTML aware email client.

Microsoft issued protection against the vuln in October 2000. Despite this, users are still becoming infected (albeit to a modest extent) with recently released variants of the JavaScript nasty, JS/Fortnight-D and JS/Fortnight-F.

As explained here, the worm's actions include changing registry keys and adding links to various Web sites (e.g. Nude Nurses.url) to a victim's favourites list.

Although the virus is relatively uncommon, the fact that it is spreading at all is causing concern in security circles.

"We're getting some reports of infection by Fortnight but it's not particularly widespread. We're alerting people about Fortnight because it focuses attention of the failure of some people to apply security patches," said Graham Cluley, senior technology consultant for Sophos Anti-Virus.

"There really is no excuse for failing to apply a patch which has been around for three years.”

Sophos advises users to sign-up for (and act on) Microsoft's security alerts and to practise safe computing. ®

Related Stories

Fresh variant to tedious worm bores users into submission
On MS, AV and Addictive Updates
Fizzer blasts Klez-H off top spot in viral charts

Sponsored: 5 critical considerations for enterprise cloud backup