Called Yamanner, the worm attacks all versions of Yahoo Mail, except for the latest beta, security vendor Symantec warned. At the time Symantec recommended, the JavaScript flaw did not have a patch, but by the end of yesterday, Yahoo announced that it had completed the patch.
New worm alerts attack Yahoo Mail! Picture 1Source: BBC According to Yahoo, the patch will automatically distribute to all existing Mail accounts in Yahoo Mail and automatically block the vulnerability without any action or interference from users. Yahoo also confirmed that the number of Yahoo Mail users affected by the incident is "very little".
Yamanner "typed in" the user's Yahoo mailbox with the subject line "New Graphic Site". Once the message is opened, the computer will be infected immediately and Yamanner can quickly spread all the names on the contact list of the email.
These email addresses are also sent to a remote server. Symantec suspects that Yamanner's author will use this information in future spam releases.
" Yamanner has a completely new user approach. It takes advantage of the shortcomings in JavaScript, so users who don't need to click on attachments get stuck ," said Symantec's Dean Turner.
According to Turner, although only recently since noon yesterday, but Yamanner has signaled to the remote server more than 100,000 times, bringing with them the information "harvested".
It is still too early to predict whether this worm will transform into other forms or attack other browser-based email services such as Gmail.
Systems affected by the Yamanner worm include Windows 2000, Windows 95, Windows Me, Windows NT, Windows Server 2003 and Windows XP.