Symantec is reporting (and I've already received some of these rogue emails in my Y! Mail today) that an email with the subject line, "New Graphic Site" contains
- a worm that is written in JavaScript. It exploits a vulnerability in the Yahoo email service to send a copy of itself to the user's Yahoo email contacts. The worm cannot run on the newest version of Yahoo Mail Beta.
- Although Yahoo's Web e-mail has not been fixed, users are advised to update virus and firewall definitions and block any e-mail sent from av3@yahoo.com. The subject line of the e-mail with the worm says "New Graphic Site," and the body says "this is test."
In short, if you receive an email with this subject line, simply delete it (without opening or reading its contents) and move on. Y! Group moderators need to be especially cognizant to the potential damage this can have to their mail list subscribers.
1. Nasty, I just saw a bunch of these messages sent to one of the Y! Groups I'm subscribed to.
One thing I'd love to point out is that Yahoo! Mail Beta is not susceptible to this particular attack.
Posted at 3:19PM on Jun 12th 2006 by Ryan Kennedy