Any news on this security problem caused by WSHOM (Spelling?)

Is there any way to detect & stop it short of removing WSH from the system

You know firewalls are useless with this thing

Here's an NSClean article about it:

<a target="_blank" href=http://www.nsclean.com/axtest.htm>http://www.nsclean.com/axtest.htm</a>

If you've got ActiveX set to 'prompt' such an exploit shouldn't succeed.

You could also rename wshom.ocx, of course.

thanks
But is wshom.ocx needed at all to view sites with scripting or can they run without it.

And why aren't firewalls intercepting this.
I know my zone alarm has mobile code control; how do I configure it probably to catch Wshom intrusions
it has:
[] block scripts (Javascript, VB Script, etc)
[] block embedded Objects (Java, ActiveX)
[] block mime-type integrated objects

I mean I know what to do but what should I check from the above and yet maintain my ability to browse scripted sites?

I would think if some one made a "wshom-blocker" plugin that works just like AdShield it would be a life saver for us!

Tony,
I just want to add this, I did this test about 6 months ago and I did not get a warning

When I did it now I got both a Warning from IE & to my surprise Zone Alarm, even though the mobile code control was off, it CAUGHT the wshom.ocx component trying to load and asked me what to do.

this is because my ZA version has component control which turns out to be quite useful and quite annoying at times (learning curve!)

I'm not running ZoneAlarm so I couldn't tell you how to configure it.

However, as I said, if you set ActiveX options to 'prompt' you WILL get a message, and the exploit won't work.

Or try renaming Wshom.ocx, and run a script.

See whether it will work.

good idea

thx!