Quarantined?
 

Are there any more details on this and why it was quarantined?

thanks.

We do not release additional details, no sense having the exploit in the wild without a fix.

If it's quarantine it's for a reason. You should probably disable this modification on your board for the time being.

Is the recommendation to disable this mod in effect for all versions of VB? Thanks.

From what I can tell, yes. You should disable it in vb3 and in vb4. You should also remove the actual files from your website (just the php files).

Sorry to say - but I find this comment ridiculous....for this modification.

ibProArcade has it's own section here at vB.org - its' the most downloaded/installed modification here. This being the case - I'm sure the 8400 people who've at least clicked install would feel more secure about their vBulletin paid-product if given a reasoning behind why such modification is quarantined.

This policy about "we do not release additional details" truly could use a bit of transparency as concerns such popular modification(s) as ibProArcade! Even if said transparency takes shape in a little info-note attached to the automated(?) quarantine email.

Meanwhile -congrats vBulletin.org for continually keeping members in the dark!

I sincerely hope that MrZeroPage offers up a fix for this exploit, and QUICKLY!

J.

I'm sure they will contact MrZeroPage about this but I'm not sure he has the time anymore :(
like Zachery said why exploit

you have to realize that consequences far outweigh the right to know what the problem actually is/
Say he does mention what the exact exploit is.. This could leave possible thousands of boards out there that maybe haven't received the message about the quarantine, vulnerable to the exploit to many new people that now know what the exploit is. And by people, I mean guys that just want to cause truoble..
so is it better for them not to say and we just disable the mod.. wait for the fix, or let you know and possibly open a bunch of boards up to now a bunch of people that didn't know, but now do ???

the smart move is just disable and wait

The problem is, we were told there was an "issue". That's it. What kind of issue? Copyright? Security? What?

I get an email saying there's an issue with a modification and it's been quarantined. Yeah. That tells me a whole lot. In truth, it tells me absolutely nothing at all.

Yes exactly. The email notice was useless.

I thought they may have been cryptic because the issue was something different to security this time. I'm pretty sure in the past these quarantine notices have always stated 'for security reasons' and that its advisable to disable the product until such a time that a fix is provided. I obviously don't expect them to publish details of the flaw(s). But just a couple of simple words would suffice in letting us know there are security risks in allowing the software to remain on our servers.