It came to my attention today that people have been having trouble accessing TESNexus recently via the domain "tesnexus.com" without the "www" at the beginning. Sure enough when I tried to access the site via "tesnexus.com" instead of "www.tesnexus.com" I was redirected to a bad splash page website.
Astute forum member yoyohobo665 investigated the issue and found that there is a vulnerability in Windows XP and lower "that could allow spoofing", i.e. the redirection of legitimate traffic to bad places by bad people. There is a hot fix out and if you're a regular windows update user you will probably already have this fix, but if you don't use windows update or if you're a naughty person there is a downloadable version for XP available here
. This fix does not
check for legitimate XP installs. If you use an operating system other than XP (I believe Vista is safe) then you can find relavent downloads at this microsoft page
I'm unsure at this time whether this issue is server side (i.e. an issue I have to fix), client side (i.e. an issue you have to fix) or both. What I do know is that this issue is resolved via the hot fix Microsoft have released and I am inquiring about whether I need to be doing anything my end.Update:
I have investigated this issue and have patched up the server accordingly. Windows users (not including Vista) are still recommended to install the hotfix provided and please
let me know if you experience the issue again.