With the rapid proliferation of RSS Feeds and offline aggregators it is presumable that virus writers will try to exploit this avenue to spread the virus. RSS�t�B�[�h�̋}���Ȋg�U�ƃI�t���C����aggregators���Ƃ����肳�����p����E�C���X��҂͂��̓����L�߂邵�悤�Ƃ���E�C���X�ł��B But the question is whether it is feasible?�������A���́A����͎����”\���ǂ����ł����H

In short technically a resounding YES.�[�I�ɋZ�p�I�ɋ��������ł��B

RSS feed contents carry HTML data. RSS�t�B�[�h�̓��e�^��HTML�f�[�^�ł��B RSS aggregators are capable of displaying HTML in the content field.��RSS�A�O���Q�[�^�́A html�ł̃R���e���c��\���ł���t�B�[���h�ɓ�͂��܂��B
Many use the browser based engines like Internet Explorer's HTML rendering engine to display RSS feeds.�x�[�X�̃G���W���̂悤�ȑ����̃u���E�U���g�p����Internet Explorer��HTML�����_�����O�G���W����\������RSS�t�B�[�h�ł��B Hence the vulnerability of the rendering engine is also applicable to RSS aggregators.����䂦�A���̐Ǝ㐫�́A�����_�����O�G���W���ɂ��K�p������RSS�A�O���Q�[�^�ł��B

However practically the impact will be much less because you normally subscribe to feeds of sources you trust.������������̉e�������͂邩�ɏ��Ȃ��Ȃ邽�߂ɁA�ʏ�̃\�[�X��M������t�B�[�h���w�ǂ��Ă��܂��B

This however can be compromised when you subscribe to feed aggregation engines like PubSub, which fetches feeds from its large database based on your keywords.�������A���̂Ƃ��ɓo�^����”\��������܂��G���W���̂悤�ɉa���W��PubSub�ł́A�t�B�[�h���擾���Ă���A��K�͂ȃf�[�^�x�[�X�Ɋ�Â��ăL�[���[�h���g�p���܂��B The result is provides again as a RSS feed which can be fetched by your aggregator.���̌��ʂ͍ĂтƂ��Ē񋟂ł���RSS�t�B�[�h���擾���ăA�O���Q�[�^�ł��B

Is there are quick fix? �́A���̏ꂵ�̂��̉����ɂ́A�ł����H
Yes.�͂��B Set your aggregator to display only the title (safest) or just the excerpt.�ݒ肵�Ẵ^�C�g��������\������A�O���Q�[�^�i���S�j������A�����ł��B If you are interested in the content then you use your favorite secure browser to browse it (Firefox I presume).�̃R���e���c�ɋ���������ꍇ�ɓ�͂��A���D�����Z�L�����e�B�ŕی삳���g�p�����u���E�U���Q�Ƃ��邱�Ɓi Firefox�̎v���܂��j �B