Wiki page

Bloodhound.Exploit.96 virus

I’m not really sure if I should contact someone about this or what so I thought I’d just post it.

Twice today I went to the Wiki page and was attacked by a virus named Bloodhound.Exploit.96. I know it’s a nasty virus as my daughter got it on my wife’s pc last year and she had to reformat.

Norton says it a Heuristic virus and gave it a high risk level.

I’m probably the least computer savvy in here so maybe this is no big deal but thought I should say something just in case.

Reply #1

Thanks for letting us know...we'll pass it on as soon as we can.

Reply #2

Thanks, Don. I go to the Wiki frequently. Really good of you to let us know about this.  :thumbsup:

*edit...went on irc, and it's being dealt with per Lantec

Reply #3

I just wish there was an edit button for the first post so I could change it to its, I’ve been Zubazed.

Reply #4

I suspect this was embedded in an ad, as I'm not seeing anything on the pages themselves (though there were a few pages of spam). That would be the easiest way to spread it. If you can identify the specific ad in use, that would help a lot as we could then report that. Alternatively, if it was on a particular page, it would be good to know that (perhaps it was a false positive; we do have some pages relating to scripts).

Personally, I suggest not using IE would be a good start, but we're investigating. Another good idea is to set the XML kill bit as described in the workaround to this bulletin:

http://www.microsoft.com/technet/security/Bulletin/MS06-071.mspx

The update provided by Microsoft in that bulletin may also help protect against it.

Reply #5

I didn’t click on any ads but I did visit the Xion download page, I didn’t download anything. Sorry I didn’t think about that until you mentioned ads.

Reply #6

Depending on the ad served by the network, it might not be necessary to click on them - that's what makes browser exploits so dangerous. Many have embedded code of some kind, and if they can activate a vulnerable component . . .

The solution is not to allow the vulnerability, as otherwise any page you visit is potentially dangerous.