Yamanner worm targets Yahoo Mail users

JS/Yamanner used JavaScript to exploit a flaw in Yahoo Mail

Yahoo has repaired a vulnerability in its Yahoo Mail service that allowed a worm to harvest email addresses from user accounts and further spread itself.

The JS/Yamanner worm automatically executes when a user opens the message in the Yahoo Mail service. 

JS/Yamanner uses JavaScript to exploit a flaw that was unpatched until today. Yahoo fixed the vulnerability late on Monday.

"We have taken steps to resolve the issue and protect our users from further attacks by this worm. The solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the user, " said Yahoo spokeswoman Kelley Podboy in a statement.

JS/Yamanner was sent to addresses in the yahoo.com and yahoogroups.com domains. It appears to be sent from av3@yahoo.com and has 'New Graphic Site' as its subject.

The worm was probably attempting to harvest email addresses for spam purposes.