Quote:Unfortunately in this case, disallowing the running of scripts may not save you from what the hackers were using. They were exploiting some bad code in how MS Windows handles animated cursors.
I'm aware of that exploit, as well, which is, as you already mentioned, fixed by now. Wasn't how they got me, though.
After finding my main character stripped, I spent some time retracing my steps and eventually got to a lovely forum topic containing a link to an image, or at least, a link that looked like one. It apperently redirected one to an evil website, which used an equally evil script to install something without you noticing (the page was nothing but a picture in appearance). At least, that's what I gathered from the replies that had been posted in the meantime, seeing as the link had been removed.
And to my knowledge, this hasn't been hotfixed yet. So in the meantime, I'd steer clear of miniurl or tinyurl links, and the same goes for other redirection services.