Makers of firewall and anti-virus software are warning that RSS feeds could be the next big thing for spreading viruses. In this article from The Register, Trend Micro's marketing manager says, "RSS feeds point to HTML pages and as such, they can be made to point
to HTML-exploits or malicious JavaScript. It certainly can be a
possible way of distributing malicious code over the internet to the
subscribers of the RSS feed." Zone Labs, makers of ZoneAlarm, agree.
Personally, I don't buy it. It's not unlikely that such a vulnerability will be found in RSS readers in the near future, but as pointed out in the article, to be a useful medium for spreading a virus an RSS feed has to be very popular. But in order for a virus to get into a popular RSS feed, whomever is publishing the feed would have to insert the virus intentionally, or accidentally create a situation in which a third party could. Though not impossible, it seems like an unlikely confluence of circumstances.
Do you think Trend Micro and Zone Labs will be touting RSS scanning features in their upcoming anti-virus and firewall products?
Reader Comments (Page 1 of 1)
7-14-2005 @ 7:26PM
Joost Schuur said...
Bonus points for the GiantMicrobes.com pic!
Reply
7-21-2005 @ 8:12PM
SkullyFM said...
Possible, but RSS is delivered through HTTP just like web pages. If your antivirus is already scanning web pages it should automatically eradicate them
Reply