JS.Exploit is not a virus, but rather an exploit that takes advantage of a
security vulnerability in some versions of Microsoft Internet Explorer, Outlook
and Outlook Express.
Some anti-virus products may report HTML code as exploiting
this vulnerability, even if the code does not contain a virus. For instance,
the vulnerability is sometimes used by pornographic and online gambling
Microsoft has released a patch which reportedly fixes the vulnerability. For
further information and to download a patch, please view Microsoft Security Bulletin (MS00-075).
Furthermore, Sophos recommends that customers who are concerned they may
have encountered a virus that Sophos Anti-Virus does not detect
should send a sample for analysis.