http://www.warp2search.net/modules.php?name=News&file=article&sid=15044
Reading Further, it appears to be using the ADODB.Stream vulnerability
Sounds like the one I read about somewhere else, and prepared a regfile fix from the edit info provided.
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{00000566-0000-0010-8000-00AA006D2EA4}]
"Compatibility Flags"=dword:00000400
----- Cut from REGEDIT4, paste to .REG file, apply - not quite sure what the 400 value is, but it's either the "kill" bit or the "unsafe" bit
As used by "Spywareblaster", which deactivates a large number of Activex controls from causing unwanted activity in Internet Explorer.
http://www.javacoolsoftware.com/spywareblaster.html
Reading Further, it appears to be using the ADODB.Stream vulnerability
Sounds like the one I read about somewhere else, and prepared a regfile fix from the edit info provided.
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{00000566-0000-0010-8000-00AA006D2EA4}]
"Compatibility Flags"=dword:00000400
----- Cut from REGEDIT4, paste to .REG file, apply - not quite sure what the 400 value is, but it's either the "kill" bit or the "unsafe" bit
As used by "Spywareblaster", which deactivates a large number of Activex controls from causing unwanted activity in Internet Explorer.
http://www.javacoolsoftware.com/spywareblaster.html
Another internet worm was released through IRC networks. The worm is disguised as a .jpg picture named Britney.jpg from Angelfire. Whatever you do do not open britney links in Internet explorer. An exploit taking advantage of holes in Internet Explorer along with Windows Media Player ensures the worm free passage to your computer, where it starts deleting system files and destroying the registry.