WORM HITTING YAHOOGROUPS ALSO - DON'T OPEN MESSAGE NEW GRAPHIC SITE

[Guest guest]

>

> A new worm targeting Yahoo's Web-based e-mail service bent on

> collecting addresses for a spam database has been spotted in the

> wild, a security company warned Monday.

>

> ADVERTISEMENT

>

> The " Yamanner " worm exploits a JavaScript vulnerability in Yahoo's

> Web mail, Cupertino, Calif. security specialist Symantec said in a

> Monday morning warning to customers of its DeepSight Threat

> Management System. Yamanner is spreading, added Symantec, which

has

> assigned the threat a " 2 " in its 1 through 5 rating system.

>

> The worm targets addresses with the " yahoo.com "

> and " yahoogroups.com " domains, and arrives as an HTML message

> containing JavaScript. As soon as the recipient views the message,

> the script automatically runs to spread the worm to other users in

> the Yahoo address book. The message will have a From " address of

> av3@... and a Subject: of " New Graphic Site. "

>

> " Harvested addresses from the address book are then submitted to a

> remote URL, which is likely to be used for a spam database, " noted

> Symantec in its alert.

>

> Yamanner won't execute on the newest Yahoo Mail Beta.

>

> Until Yahoo patches the flaw, Symantec recommended users steer

clear

> of the service or disable the browser's JavaScript capabilities

> before reading any Web mail.

>