Alert ... sorry, but this seems real

June 13, 2006

Threat Advisory Center

New Email Threat Targeting Accounts

What It Is

New Email Threat Targeting Accounts

Symantec Security Response today identified a new worm that exploits

a vulnerability in 's Web-based e-mail program. The worm –

JS.Yamanner@m – spreads itself to the user's e-mail contacts

when the user opens an e-mail infected by the worm. In addition, the

worm also sends these e-mail addresses to a remote server on the

Internet. Only people with an e-mail address that is on or

may be impacted by this worm.

Symantec currently provides antivirus detection signatures to

protect account users against the JS.Yamanner worm.

Symantec encourages these users to run LiveUpdate to ensure that

they have the latest security updates.

Symantec Security Response is currently categorizing JS.Yamanner as

a Level 2 threat (on a scale of 1 to 5, with 5 being most severe).

Users of Beta do not appear to be vulnerable to the worm.

The e-mails can be recognized by the following title and contents:

From: <Various email addresses>

Subject: New Graphic Site

Body: This is test

Note: If users accidentally open an infected e-mail, they will also

see that their browser window is re-directed to the URL: http://]

is a popular e-mail program and is not normally affected by

this type of threat. There is no patch at the present time and

Symantec is recommending that users ensure that they have the latest

security updates.

The Symantec Security Response Web site provides additional details

at:

Recommended Posts