Hotmail and Yahoo! have patched their web-based email services to guard against becoming vectors for the spread of mass-mailing viruses.

As reported last week, a security researcher discovered that cross-site scripting vulnerabilities make it possible to replicate Melissa-type worms through Web mail services.

Matt Parcens, the white-hat hacker who discovered the problem, has updated his Web site to say that both Hotmail and Yahoo! have now updated their services to guard against the Javascript exploits the vulnerability allows.

Other Web-based email services are advised to follow Hotmail's lead in acting to prevent virus writers exploiting their systems to spread worms, or other forms of malicious code. ®

Related stories

Why Hotmail could spread viruses even faster than Outlook