That's strange, because our 6.5 site had the message on it this morning.
Let's be fair Neilt, the guys at VP are in a catch 22 situation. If they announce more details of patchs and security measures it makes it easier for the hackers, but makes it more difficult for us (I have 6 sites to update with 4 more in production so I feel your pain).
Lets take the scenario that they give even more details and the hackers life becomes easier, you will then start to complain that you are being hacked, which will mean that you have to do even more updates and get annoyed again, or worse you have some very late nights patching your sites after the hackers have struck.
I agree that the current situation is not the best but I firmly believe VP are doing their best (now where's my commission?).
VP support - how about this for a suggestion? You have probably had a number of users (myself included) contact you regarding hackers and patching (thank you again for the help). You can therefore build up a list of people who are most vunerable to the hacker (i.e. those that have been hit and so are on the hackers hit list), why not create a mailing list of these people and then if you need to send out an urgent update you can contact them directly as well as use the standard method. The email could then contain a little more information as Neilt wants.
There is one error in the files you have distributed, in shopmysqlsubs.asp lines 1023 and 1094 are:
fieldvalue = request.form(fieldname)
However according to an earlier update they should be:fieldvalue = cleanchars(request.form(fieldname))
I'm assuming the cleanchars one is correct.
Steve
Sex toys from a UK sex shop