Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Wriggles Through Yahoo! Mail Flaw

Posted by ryuzaki0 on from the descriptive-imagery dept.

Jasen Bell writes to mention a ZDNet article about a clever new worm affecting users of Yahoo!'s email service. The virus uses a flaw in JavaScript to infect a computer when an email is opened from the user's web-based mail. From the article: "The worm, which was spotted in the wild early this morning, has hit the remote server more than 100,000 times, forwarding Yahoo e-mail addresses harvested from unsuspecting users, Turner said. Although the worm is spreading quickly, and no patch has been issued, Symantec is rating the threat a '2.' The security vendor uses a 1-to-5 rating system, with '5' as its most severe category."

4 of 186 comments (clear)

  1. Very interesting by ilovegeorgebush · · Score: -1, Troll

    Wonder which browser(s) was affected most....

    Why would you use Yahoo! anyway? :D

    --
    ilovegeorgebush
  2. Makes you wonder. by AltGrendel · · Score: 0, Troll

    Exactly what did yahoo do to make Symantec angry?

    --
    The simple truth is that interstellar distances will not fit into the human imagination

    - Douglas Adams

  3. Mac users aren't directly affected by this by macslut · · Score: -1, Troll

    Mac users aren't directly affected by this. Likewise if you turn off HTML email. Of course we still have to deal with infected waste from idiots with PCs who don't take any precautions. And of course our headlines today will be filled with this story.

  4. Re:First reported by tbmcmullen · · Score: 0, Troll

    Thats all true. However, I'd bet that its an IE-only flaw, due to IE's over-willingness to run Javascript wherever it finds it.

    Escaping things for IE sucks. It sucks hard.