Nobody's forcing you to upgrade. You can choose either to a) upgrade, b) use a version with the exploit and ignore all DCC's with /ignore -wd *, or c) downgrade to a version which isn't affected by the exploit. If you don't want to ignore DCC's well I'm afraid that's too bad. You could always look at whatever script you're referring to and try to see the specific code which fixes the exploit, or you could code DCCs in via sockets. Or even better, ignoring all DCC's finally gives people a reason to stop using DCC altogether and use a real file transfer protocol.