Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Wriggles Through Yahoo! Mail Flaw

Posted by ryuzaki0 on from the descriptive-imagery dept.

Jasen Bell writes to mention a ZDNet article about a clever new worm affecting users of Yahoo!'s email service. The virus uses a flaw in JavaScript to infect a computer when an email is opened from the user's web-based mail. From the article: "The worm, which was spotted in the wild early this morning, has hit the remote server more than 100,000 times, forwarding Yahoo e-mail addresses harvested from unsuspecting users, Turner said. Although the worm is spreading quickly, and no patch has been issued, Symantec is rating the threat a '2.' The security vendor uses a 1-to-5 rating system, with '5' as its most severe category."

2 of 186 comments (clear)

  1. Makes you wonder. by AltGrendel · · Score: 0, Troll

    Exactly what did yahoo do to make Symantec angry?

    --
    The simple truth is that interstellar distances will not fit into the human imagination

    - Douglas Adams

  2. Re:First reported by tbmcmullen · · Score: 0, Troll

    Thats all true. However, I'd bet that its an IE-only flaw, due to IE's over-willingness to run Javascript wherever it finds it.

    Escaping things for IE sucks. It sucks hard.