Yahoo!, you've got worms
Published: 2006-06-13

A new JavaScript-based worm has been found crawling through a flaw in Yahoo's webmail servers, requiring Windows users to update their anti-virus protection.

The JS.Yamanner@m worm was reported by Symantec on Monday and affects all Yahoo Mail users not using the Yahoo Mail Beta version. Symantec has rated the worm as medium damage and medium distribution (note: SecurityFocus is owned by Symantec Corp). The 6,377-byte worm exploits a JavaScript flaw in Yahoo's implementation and, when opened, collects addresses in the user's webmail folders and then starts to spread. The worm takes a novel approach in that it does not require the user to click on any attachment for it to function; the e-mail only needs to be opened within Yahoo Mail. By late Monday, Yahoo had already disabled the functionality in Yahoo Mail that allowed the worm to spread.

All Windows users, from Windows 95/98/ME to Windows 2000/XP/2003, are affected, and users are urged to download the latest anti-virus updates for their client anti-virus software. The advisory should be a subtle warning to web programmers and webmasters who are pushing forward with AJAX technologies, as extensive use of JavaScript (the 'J' in AJAX) can bring with it new security vulnerabilities.

Posted by: Kelly Martin
Copyright 2009, SecurityFocus