Loading ...
Sorry, an error occurred while loading the content.


Expand Messages
  • Olsmarie1@aol.com
    Maura - I will have to wait until I use my daughter s computer to get to Yahoo website - My website is frozen --Maybe it will be next week when I can get to
    Message 1 of 2 , Feb 1, 2001
    • 0 Attachment
      Maura - I will have to wait until I use my daughter's computer to get to
      Yahoo website - My website is frozen --Maybe it will be next week when I can
      get to her house -----Marie G
    • Paula
      Good morning, I wanted to let you know that yahoo email and yahoo groups has a worm going around that is infecting computers. It isn t bothering the Rich-Text
      Message 2 of 2 , Jun 13, 2006
      • 0 Attachment
        Good morning,

        I wanted to let you know that yahoo email and yahoo groups has a
        worm going around that is infecting computers. It isn't bothering
        the Rich-Text Beta mail. I own a Hungarian genealogy group and
        belong to an Ohio genealogy group and we have both been hit numerous
        times with this.
        If you get an email that the subject line is 'new graphic site',
        delete it. I'm pasting an article from Symantec below.
        I don't know if my computer is infected or not, that's why I'm
        sending this. I've done scans with Norton and zone alarm both and
        nothing has shown up. Just beware.

        Paula Knebler

        You don't have to open the attachment to get the worm. Merely
        VIEWING the email will infect you. Here's an article on it:

        Symantec has reported that an un-patched vulnerability of Yahoo Mail
        could be the source for spreading a highly infectious and "silent"
        JavaScript worm. The dangerous thing about it is that it can infect
        machines without users having to click on a suspect attachment, they
        just have to open the rogue message to get their PCs conquered by
        the worm.

        Symantec has reported that the worm's name is JS.Yamanner@m and it
        only affects users who have an e-mail address ending in @...
        or @yahoogroups.com. It seems that users with Yahoo! Mail Beta are
        not to be concerned about the threat. Nevertheless, the worm is to
        be taken seriously because the infection method is very effective
        and silent: when the user opens an e-mail infected by the worm,
        JS.Yamanner takes control by exploiting a vulnerability which
        enables scripts embedded in HTML e-mails to be run by the user's
        browser. It then sends the e-mail addresses he finds to a remote
        server on the Internet.

        There are potentially 100 million victims of the worm, since there
        are about 100 million users of Yahoo e-mail. Still, the malicious
        scripts are being blocked by Yahoo! Mail for security reasons, and
        this is the reason for which Symantec has categorized JS.Yamanner as
        a relatively low Level 2 threat (on a scale of 1 to 5, with 5 being
        most severe).

        Additionally, if users mistakenly open an infected e-mail, they will
        also see that their browser window is re-directed to display the Web
        page associated with the URL: http://www.av3.net/index.htm.

        "This worm is a twist on the traditional mass-mailing worms that we
        have seen in recent years," said Dave Cole, director at Symantec
        Security Response. "Unlike its predecessors, which would require the
        user to open an attachment in order to launch and propagate,
        JS.Yamanner makes use of a previously-unknown security hole in the
        Yahoo! Web mail program in order to spread to other Yahoo! users and
        harvests user information for possible future attacks."

        Symantec's advice for Yahoo users is to keep their antivirus and
        firewall definitions up-to-date and to block any messages coming
        from av3[at]yahoo.com, since there is no patch to the vulnerability
        yet. Further details are to be found at :

        Symantec also reported a few weeks ago that they've discovered a
        zero-day exploit in the popular text editor Word, which affects
        editions 2000, 2003 and XP. The exploit allows the hacker to take
        control over a machine by introducing through that vulnerability a
        trojan called Backdoor.Ginwui. The trojan is very dangerous since it
        can pass through various spam filters and since Symantec recognized
        that its main product, "Norton Anti-Virus", is not as capable of
        detecting specific malicious Word files.

        A possible way of infection include the opening of an infected Word
        attachment of an e-mail. This is why Symantec recommends high
        precaution concerning mail attachments and, since the attackers
        pinpoint towards large companies, Symantec also recommends a
        limitation of user-privileges when dealing with corporate e-mails.

        Microsoft's response was that they will be releasing a fix for this
        vulnerability not sooner than 13th of June 2006.

        But very recently, even Symantec itself, which protects large
        corporate and even governmental data, was put in a quite embarrasing
        situation, when Mike Puterbaugh, vice president of marketing for
        eEye Digital Security announced a critical vulnerability into
        Symantec's flagship product, naming it "everything required for a

        The flaw is said to have affected users of Symantec AntiVirus
        Corporate Edition 10.0 and Symantec Client Security 3. According to
        eEye the vulnerability can "compromise affected systems, allowing
        for the execution of malicious code with system level access."
        Although usual infections with viruses require a naïve user, who
        clicks on something suspicious, eEye says this time the flaw doesn't
        need user's interaction.
      Your message has been successfully submitted and would be delivered to recipients shortly.