[pchelpers] Yahoo Email Worm

  • From: Susan <starquest@xxxxxxxxxxx>
  • To: pchelpers@xxxxxxxxxxxxx
  • Date: Tue, 13 Jun 2006 12:01:28 -0600

Yahoo email users take note:
--------------------------------------------------------------------------------------------------------------------------------

Worm wriggles through unpatched Yahoo flaw
By Dawn Kawamoto

http://news.com.com/Worm+wriggles+through+unpatched+Yahoo+flaw/2100-7349_3-6082934.html
 


Story last modified Mon Jun 12 17:56:26 PDT 2006

A new worm that targets Yahoo e-mail users is on the loose, taking 
advantage of an unpatched JavaScript flaw, a security company has warned.

The Yamanner worm targets all versions of Yahoo Web-based mail except 
the latest beta version, Symantec said in an advisory released Monday.

Yahoo is working on a patch for the vulnerability, and people are 
encouraged to update the antivirus definitions on their PCs, Symantec said.

Yamanner arrives in a Yahoo mailbox bearing the subject header "New 
Graphic Site." Once the message is opened, the computer becomes infected 
and the worm spreads itself to people on the Yahoo e-mail contact list. 
The harvested e-mail addresses are also sent to a remote online server, 
which Symantec suspects may use the information for spam campaigns.

"The worm is taking a pretty novel approach," said Dean Turner, senior 
manager of Symantec Security Response. "It takes advantage of a 
JavaScript vulnerability, so the user doesn't even have to click on an 
attachment to get infected."

Yamanner exploits the Yahoo flaw by enabling the scripts that are 
embedded in HTML e-mails to be run by the user's Web browser.

The worm, which was spotted in the wild early this morning, has hit the 
remote server more than 100,000 times, forwarding Yahoo e-mail addresses 
harvested from unsuspecting users, Turner said.

Although the worm is spreading quickly, and no patch has been issued, 
Symantec is rating the threat a "2." The security vendor uses a 1-to-5 
rating system, with "5" as its most severe category.

"Antivirus definitions have been released for it, and Yahoo is working 
on a patch, so we don't want to cry wolf," Turner said. "Although there 
is the potential the worm will affect a larger number of people, for now 
to raise it to another (higher) level would be inappropriate."

He added it is premature to predict whether this worm will morph into 
other forms and attack other browser-based forms of e-mail, such as 
Google's Gmail.

A Yahoo representative said that the company had detected the worm on 
Monday morning and that it affected a very small fraction of Yahoo Mail 
customers. "We have taken steps to resolve the issue and protect our 
users from further attacks of this worm. The solution has been 
automatically distributed to all Yahoo Mail customers, and requires no 
additional action on the part of the user," the representative said.

Systems affected include Windows 2000, Windows 95, Windows 98, Windows 
Me, Windows NT, Windows Server 2003 and Windows XP, according to 
Symantec's advisory.