Bracknell, Berkshire – August 23, 2004 – Finjan Software, the leading provider of secure content management solutions for global companies, today announced that its Malicious Code Research Center (MCRC), a department designated to detect the next attack by hackers, discovered a new critical cross-site scripting vulnerability in Yahoo's Web-based e-mail service. This vulnerability allowed hackers to develop an attack that could have caused significant computer damage during regular Internet use.
This vulnerability resulted from the failure of Yahoo's active content filter to adequately block ActiveX controls and other active content components, and affected all Windows-based system platforms that read e-mail messages using the Yahoo Web-mail service. ActiveX controls are downloadable programs that run with the same rights and privileges as the user, allowing access to files and personal information stored on a local hard drive or shared folder. A no-click attack could have launched automatically once a user opened an e-mail message. For example, the vulnerability could also have allowed a worm to read the Windows address book, replicate and send itself to everyone in the address book, and have this process repeat at an exponential rate. It could also have harvested e-mail addresses from local files, just like any other worm, and used the Yahoo Web-mail vulnerability to send the e-mail messages.
"Many organizations are adequately prepared for e-mail attacks, but few are prepared for Web-based attacks that exploit the browser," said Shlomo Touboul, founder and CEO of Finjan Software. "Web-based attacks can be just as damaging as e-mail-based attacks and proactive behavior blocking technology is the most effective way of protecting against them."
Owners of Finjan's content security products – Vital Security™ for Web, Vital Security™ for E-Mail, Vital Security™ for Clients and SurfinGuard Pro – would have been automatically protected from malicious code attacks exploiting this Yahoo vulnerability, even prior to its detection and correction, through the underlying behavior-based blocking technology used in all Finjan products. Finjan's patented behavior blocking engine will protect computer users from similar future vulnerabilities and comparable potential exploits.