Yammer Worm Attacks
Yahoo Email - Virus and Spyware Companies Say the JS-Yammer Is Easy To
Remove From Computer
June 14th 2006
The Yamanner worm appears to be contained and has been quarantined by
“wild” that exploits a vulnerability in Yahoo!'s Web-based email
program, according to Symantec Security Response. The worm spreads
itself by infiltrating the Yahoo! Email contacts when the user opens an
So far it appears only those using @yahoo.com and @yahoogroups.com
addresses were impacted by the worm. Yammer also sends these email
addresses to a remote server on the Internet.
The worm exploits a vulnerability that enables scripts embedded in HTML
emails to be run by the user's browser. Normally these scripts are
blocked by Yahoo Mail. Symantec says users of Yahoo! Mail Beta do not
appear to be vulnerable to JS.Yamanner.
The title of the email has the words New Graphic Site in the subject
line. In the text of the message the words “this is a test” appears.
If the user inadvertently opens the email they will find that the
browser window is redirected to display the Web page associated with the
The virus is easy to remove with Symantec and other virus software. It
is important to keep the software up to date.