Yahoo’s turn
Hot on the heels of Microsoft’s recent security fixes (one of which affects Macs), Yahoo has provided a fix to their Web-based email system that also seems to affect Macs. If you use a email address, this fix is certainly relevant to you.
Yahoo’s email system had a bug in it that allowed a maliciously crafted email to act as a virus (technically a worm) simply by being read by the user (you). In almost all previous cases, one had to actually open an email attachment to be infected by any virus contained in that email. Unfortunately some clever hacker figured out how to take advantage of a flaw in Yahoo’s use of “JavaScript” (an HTML technology) to write a virus that activated as soon as the email was read. Although such a virus is theoretically possible in any email system that supports JavaScript, this seems to be the first significant case “in the wild.”
Although Symantec does not list Mac OS X as an affected system of the virus (which is being called Yamanner), there seems to be no reason that it wouldn’t be, and there has in fact been at least one report in Macintouch claiming that it is.
The good news is that Yahoo reportedly has fixed the problem solely within its system, without requiring any changes to users’ machines or Web browsers. The fix, however, was made only after the worm started circulating. Also in the good news category, it seems that “all” the worm did was send itself to everyone in your Yahoo address book (with a subject line of “New Graphic Site”). JavaScript worms, by their nature, can’t do as much as most other viruses, but they could do a lot more damage than this one seems to have done.
Finally, both for edification purposes and because it’s sort of fun when we actually get something right, here’s the relevant section from “Internet Security for Your Macintosh” on this very subject (from Chapter 5, “Safe Surfing”):
Thursday, June 15, 2006