
A mass-mail worm that exploits a vulnerability in Yahoo’s Web-based e-mail is making the rounds, but the impact appears to be low, security vendor Symantec said today.
The worm, which Symantec calls JS.Yamanner@m, is different from others in that a user merely has to open the e-mail to cause it to run, said Kevin Hogan, senior manager for Symantec Security Response. Mass-mail worms have usually been contained in an attachment with an e-mail note encouraging a user to open it.
The worm, written in JavaScript, takes advantage of a vulnerability that allows scripts embedded in HTML e-mail to run in the users’ browsers. Yahoo users should be able to modify their settings to block the zero-day exploit, Hogan said.
Symantec rated the worm a Level 2 threat, one notch above its least harmful ranking. Hogan said the worm did not appear to be spreading widely, and he did not anticipate the threat level rising.
How It Spreads