2006-06-13 21:34:21 · 6 answers · asked by Anonymous in Computers & Internet ➔ Internet
A JavaScript worm that takes advantage of an unpatched vulnerability in Yahoo!'s webmail service has been discovered on the net.
The JS-Yamanner worm spreads when a Windows user accesses Yahoo! Mail to open an email sent by the worm. The attack works because of a vulnerability in Yahoo! Mail that enables scripts embedded within HTML emails to be run within a user’s browser instead of being blocked.
Once executed, the worm forwards itself to an infected users' contacts on Yahoo! Mail. It also harvests these address and sends them to a remote internet server. Only contacts with an email address of either @yahoo.com or @yahoogroups.com are hit by this behaviour.
Infected emails commonly have the subject line "New Graphic Site" and are spoofed so as to appear from "av3@yahoo.com". Users who open infected emails will be redirected to a webpage at www.av3.net/index.htm.
Symantec Security Response senior manager Kevin Hogan said: "Unlike its predecessors, which would require the user to open an attachment in order to launch and propagate, JS-Yamanner makes use of a security hole in the Yahoo! web mail program in order to spread to other Yahoo! users. Yahoo! is a popular email tool, and although normally closed to such threats, the exploitation of this vulnerability provides access to a significant number of internet users.
"As there is no patch at present, users are recommended to update virus definitions and firewall signatures and to block any emails sent from av3@yahoo.com." ®
http://www.theregister.co.uk/2006/06/12/javscript_worm_targets_yahoo/
2006-06-13 21:40:02 · answer #1 · answered by disk_tel 4 · 0⤊ 0⤋
2
2016-08-23 17:45:28 · answer #2 · answered by ? 3 · 0⤊ 0⤋
Snopes says YES. Check this out: http://www.snopes.com/computer/virus/newgraphic.asp
That site investigates urban legends and other rumors going around. I check it on a daily basis because it's fun to read.
2006-06-13 21:53:16 · answer #3 · answered by Anonymous · 0⤊ 0⤋
u r correct but it was an e-mail worm and yahoo has already nipped it in the bud ...so relax ..it will not infect ur machine
2006-06-13 21:38:55 · answer #4 · answered by Anonymous · 0⤊ 0⤋
Yahoo is safe.
2006-06-13 21:40:58 · answer #5 · answered by John Luke 5 · 0⤊ 0⤋
yeah, it came in the news papers, pls dont open any mail that has a subject that readssomething like :- New Graphic Site
DELETE IT RIGHT AWAY!!!!!!!!!!
2006-06-13 21:39:52 · answer #6 · answered by Chris 2 · 0⤊ 0⤋