When, exactly, is stuff downloaded using the Exploit?
My understanding is that the bogus download initiates @ the map loading screen within Wc3 - is that correct?
IE if i check my startup folder after each time i play the game, am i good to go for ppl using the Startup Folder method?
Also, how many restarts later untill malicious code would be executed, using the Startup Folder method?
I think i read that it was the 2nd restart after the bogus download - is this information accurate?
I ask only b/c if it's the *1st* restart after the bogus download, a BSOD or any other unforseen complication that caused a restart would make the whole checking of Startup Folder method useless.
Basically, i'm trying to grasp the order of operations - from when the initial map code fires to when the resulting download can cause malicious code execution (when using the Startup Folder method).
For the record, i still think a sufficiently skilled person could find a way to cause malicious code execution without going thru the Startup Folder (c:\autoexec.bat is one thing i've seen mentioned), and
anyone could trigger large file downloads to waste Hard Disk space and Bandwidth (both of the site being downloaded from, and the user(s) downloading).
Therefore, while i recognize that checking one's Startup Folder can counter some uses of the Exploit, it is
not a "fix-all guarentee".
But, then, i guess few things are in situations like this.
Also, Newuser, the Wc3 Forums have rules regarding posting about cheats/hacks/exploits/etc, so one would have to be rather..... careful.
I e-mailed the details of the exploit to
[email protected] , called Blizzard and reported it via that venue also, and carefully posted on the Wc3 Forums, so, hopefully, something is in the works....