New Worm Variant Has Porn Payload

There's a new version of the Fortnight worm out there, spreading via Outlook e-mail and said to be carrying a porn payload, even though Microsoft released a patch three years ago to fix the hole the worm usually exploits.

The worm uses JavaScript and Java applets to whip around Outlook e-mails set to read and transport HTML. It tries to change registry keys and add three new favorites to the victim's Web browser: Nude Nurses.url, Search You Trust.url, and Your Favorite Porn Links.url, according to VUNet.com. If and when the e-mail in question is opened, a hidden Web link is opened so that the computer downloads Fortnight's code by way of a flaw in Microsoft VM ActiveX, VUNet added.

Sophos and other security makers began releasing alerts for Fortnight F, the full name of this variant, on June 20. International Risk Management technical director Neil Barratt told VUNet the return of Fortnight, with or without the kinky payload, proves that companies need to think again about security fixing.

"It's silly that this is still out there, three years on," he said. "It illustrates the change in mind-set needed over patching. Some administrators are still treating their servers like cars and only budgeting the time and money needed for a major patching session once in a blue moon."