RSS Feed Hijacking
Real Simple Syndication (RSS) lets you automatically receive new data from updated Web sites that interest you. These subscriptions let you receive abstracts, summaries, or even new media files through an "RSS-feed client" without your direct action.
Hackers will inevitably begin to take advantage of these services as they become more popular. How? Computers already configured to download data can be hijacked and redirected to sites transmitting worms, spyware, or other dangerous programs.
These attacks could prove especially difficult to stop, because the victim's computer already regards the RSS download as "allowed," so it would bypass the firewall and other filtering mechanisms. As a result, the dangerous downloads would continue even if security software finds the malicious software installed on the victim's computer.
For now, the Internet does not yet have a single standard for RSS-feeds, so would-be attackers would to target specific software. Unfortunately, the latest release of Internet Explorer (version 7) from Microsoft will include built-in support for RSS feeds.
