A new JavaScript-based worm has been found crawling through a flaw in Yahoo's webmail servers, requiring Windows users to update their anti-virus protection. The JS.Yamanner@m worm was reported by Symantec on Monday and affects all Yahoo Mail users not using the Yahoo Mail Beta version. Symantec has rated the worm to be of medium damage and medium distribution. The 6,377-byte worm exploits a JavaScript flaw in Yahoo's implementation and, when the e-mail is opened, collects addresses in the user's webmail folders and then starts to spread. The worm takes a novel approach in that it does not require the user to click on any attachment for it to function; the e-mail only needs to be opened within Yahoo Mail. By late Monday, Yahoo had already disabled the functionality in Yahoo Mail that allowed the worm to spread. All Windows users, from Windows 95/98/ME to Windows 2000/XP/2003, are affected, and users are urged to download the latest updates for their client anti-virus software. The advisory should serve as a subtle warning to web programmers and webmasters who are pushing forward with AJAX technologies, as extensive use of JavaScript (the 'J' in AJAX) can bring with it new security vulnerabilities.
Source: SecurityFocus.com
Tags: Yahoo, Security, Gr33n Data
So THAT'S what happened! Now I know why I can't use Yahoo Mail's search feature. Thanks for the heads up.