Yahoo Mail Virus

[dc]

For those of you who use Yahoo mail.......

http://securityresponse.symantec.com/avcenter/venc/data/js.yamanner@m.html

Yahoo has been "working on a fix", but SANS has reported that the exploit is still being worked on by its authors because the script has changed since they began analyzing it this afternoon.

Your only solution at the moment is to switch to the new Beta version of Yahoo mail, which is not affected.  This is a javascript issue, so even opening the email will trigger it.  It's either that, or disable javascripts from running, in which case you won't be able to view your Yahoo mail at all.

[Gamplayerx]

How about not opening mail with Subject: New Graphic Site?  Wouldn't that work, too?

[dc]

How about not opening mail with Subject: New Graphic Site?  Wouldn't that work, too?

The problem is that if they're still working on it, they may change the subject line.....

[sapphirehart]

How about not opening mail with Subject: New Graphic Site?  Wouldn't that work, too?

My inbox has been filled with that nasty email all day.  I use Bellsouth.  I finally set up a filter to delete "New Graphic Site" emails from the server before they even downloaded.

[dc]

How about not opening mail with Subject: New Graphic Site?  Wouldn't that work, too?

My inbox has been filled with that nasty email all day.  I use Bellsouth.  I finally set up a filter to delete "New Graphic Site" emails from the server before they even downloaded.

Are you getting it through Yahoo Groups?  The script is supposed to only target emails with @yahoo.com or @yahoogroups.com.  If it's moving to other servers, then it's changing.  Apparently it's sending all the email addresses it gets somewhere, so it's probably building a nice spam list for someone.

[eo000]

i'm suprised i haven't gotten more of you with it. 

[HELIX]

checked mine out and there was nothing in there.  could have been sent to bulk mail with the other 412 i had in there.

[sapphirehart]

How about not opening mail with Subject: New Graphic Site?  Wouldn't that work, too?

My inbox has been filled with that nasty email all day.  I use Bellsouth.  I finally set up a filter to delete "New Graphic Site" emails from the server before they even downloaded.

Are you getting it through Yahoo Groups?  The script is supposed to only target emails with @yahoo.com or @yahoogroups.com.  If it's moving to other servers, then it's changing.  Apparently it's sending all the email addresses it gets somewhere, so it's probably building a nice spam list for someone.

Yeah, I am being sent the virus by members of my yahoo groups.  I opened the first email that I got this morning not realizing it was a virus and my bellsouth server had stripped it before it got to me.

[Miss Molly]

Oh crap.  I recently switched to the new Beta Version of Yahoo mail, and I got that email, and I opened it (Not fully double-clicked opened it, but opened it in the reading pan).  Am I screwed?

[dc]

Oh crap.  I recently switched to the new Beta Version of Yahoo mail, and I got that email, and I opened it (Not fully double-clicked opened it, but opened it in the reading pan).  Am I screwed?

No.  The beta version of Yahoo mail isn't vulnerable, so you're ok.

[Alice]

SHE'S INFECTED!!!!  RUN!!!!