View Single Post
Old 26th August 2004, 04:50   #16
DJ Egg
Winamp & SHOUTcast Team
Join Date: Jun 2000
Posts: 35,817
It's not a case of 'not downloading skins'.
You're safe if you download skins from any of:,, 1001winampskins,, deskmod, etc etc...
You'll probably be safe if you knowingly download any wsz or wal file.
It's when the url is a seemingly unsuspicious link to a .php or .jpg that you've got to worry, because that's currently how the exploit is utilized.

The best thing you could do right now is:
WinME/2k/XP > Windows Folder Options > File Types tab > WSZ > Advanced:
Checkmark: "Confirm open after download"

Repeat for WAL

(Note: Under Win9x, it's 'Edit' instead of 'Advanced')

This will now make Internet Explorer ask if you want to open or save WAL & WSZ files.
Naturally, if you clicked on a link to a jpg or php (or any other extension other than wal or wsz) then you've probably come across the exploit (so it'd probably be wise to click 'Cancel').

For other browsers, you'll need to go into the browser config and change the setting accordingly, eg. for Firefox:

Tools > Options > Downloads tab:
WSZ / WAL > Change Action:
Checkmark: "Save to Disk" (instead of Open...)

Firefox will now prompt you instead of automatically downloading & executing skin files.
DJ Egg is offline   Reply With Quote