yllus
Elite Member & Lifer
In IE, go to "Tools" > "Internet Options". Under "Security" > "Custom Level..." Scroll down to "Scripting" and change "Active scripting" to "Prompt".
What these sites are doing is accessing the same file Internet Explorer uses to display MSN Messenger in your browser on sites like Hotmail, "mshtml.dll". Now - this isn't a trojan of any type, the website is actually making legitimate use of the DLL file to, apparently, advertise this URL and keep the worm going. The worm actually sends out this message one time per website load. Do not delete "mshtml.dll"!
The first paragraph I've written is how to stop the script from being run, since instead of being automatically executed when you load the web page, it prompts you first (just click "No"!). However, a *lot* of websites now use so-called "Active Scripting" on their sites. Turning this option off can get annoying, quick.
I'd advise you to be careful for the next 24 hours or so about website URLs you get messaged with in MSN Messenger. Click "No" when prompted to load scripts on these pages if you want to visit them anyway. Otherwise, now that you already know what to watch out for, there's no reason why you should have your browser prompt you before loading Active Scripts - just keep an eye out!
Unfortunately the worm is very easy to set up and get going, so get ready for a lot more sites that use this hole until MS does something permanent about it...
--sully
What these sites are doing is accessing the same file Internet Explorer uses to display MSN Messenger in your browser on sites like Hotmail, "mshtml.dll". Now - this isn't a trojan of any type, the website is actually making legitimate use of the DLL file to, apparently, advertise this URL and keep the worm going. The worm actually sends out this message one time per website load. Do not delete "mshtml.dll"!
The first paragraph I've written is how to stop the script from being run, since instead of being automatically executed when you load the web page, it prompts you first (just click "No"!). However, a *lot* of websites now use so-called "Active Scripting" on their sites. Turning this option off can get annoying, quick.
I'd advise you to be careful for the next 24 hours or so about website URLs you get messaged with in MSN Messenger. Click "No" when prompted to load scripts on these pages if you want to visit them anyway. Otherwise, now that you already know what to watch out for, there's no reason why you should have your browser prompt you before loading Active Scripts - just keep an eye out!
Unfortunately the worm is very easy to set up and get going, so get ready for a lot more sites that use this hole until MS does something permanent about it...
--sully
