15.8.06

Blog readers are vulnerable to malicious code

Do you like to read blogs? Do you read your favorite one every day before starting work? What do you use to stay updated? RSS? Atom?

If yes, your computer could catch a virtual cold, says SPI Dynamics' CTO.

Software and services used to download feeds transmitted via the RSS or Atom formats can download and execute JavaScript code buried within the text.

And you are not safe even if you use trusted services like Bloglines or readers like Firefox, because a web feed could contain a link to another website or blog that hosts malicious JavaScript. A blog might also have an area where readers can post public comments, and those comments can store malicious bits of JavaScript too.

The best way to guard against these sorts of attacks would be for blog-reading software and services to re-encode all the JavaScript they receive to render it harmless. Creating this filter would not cause feeds to arrive much slower. But as far as we know, no blog-reading software or service re-encodes JavaScript code yet.
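As an added illustration (not code from SPI Dynamics or from any reader named above), this sketch shows what such a re-encoding filter could look like inside a feed reader: every piece of feed-supplied text is HTML-encoded before it is placed in the page. The sample feed, the function names and the link-scheme check are assumptions of this example; the scheme check goes one step beyond the re-encoding described in the post.

```python
import html
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample feed: title, link and description all carry script content.
SAMPLE_RSS = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Example blog</title>
<item>
  <title>Hello &lt;script&gt;alert(1)&lt;/script&gt;</title>
  <link>javascript:alert(1)</link>
  <description>&lt;img src=x onerror="alert(2)"&gt; Nice post</description>
</item>
<item>
  <title>Second post</title>
  <link>https://blog.example/second</link>
  <description>Plain text</description>
</item>
</channel></rss>"""

SAFE_SCHEMES = {"http", "https"}  # assumption: the reader only follows web links


def safe_link(url):
    """Return the URL only if it uses an allowed scheme, otherwise '#'."""
    url = (url or "").strip()
    return url if urlsplit(url).scheme.lower() in SAFE_SCHEMES else "#"


def render_items(feed_xml):
    """Render each feed item as HTML with all feed-supplied text encoded."""
    # Note: a production reader should parse untrusted XML with a hardened
    # parser (for example defusedxml) rather than plain ElementTree.
    root = ET.fromstring(feed_xml)
    rendered = []
    for item in root.iter("item"):
        title = html.escape(item.findtext("title", default=""), quote=True)
        body = html.escape(item.findtext("description", default=""), quote=True)
        link = html.escape(safe_link(item.findtext("link")), quote=True)
        rendered.append(
            f'<article><h2><a href="{link}">{title}</a></h2><p>{body}</p></article>'
        )
    return rendered


if __name__ == "__main__":
    for fragment in render_items(SAMPLE_RSS):
        print(fragment)
```

The markup from the feed is displayed as literal text instead of being interpreted by the browser, which is the "render it harmless" behaviour the post asks for.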

My comment: Take care! Don't forget to use a good anti-virus, firewall and anti-spyware!
