Trend Micro’s security research team believes that RSS (Really Simple Syndication) technology will become an enticing target for future computer worm attacks. 
David Sancho, a senior security researcher at Trend Micro, warns that attacking RSS feeds will become common once Microsoft officially launches Internet Explorer 7—a new browser with built-in RSS support.
In a white paper titled “The Future of Computer Worms,” Sancho writes that the launch of IE 7 will open up exciting possibilities for virus and worm programmers.
“The simplest way to exploit the popularity of RSS is to hijack control of news aggregators through existing RSS feeds to facilitate the download of new variants of various viruses and other harmful code installed on users’ computers. This is entirely feasible by directing configured RSS client applications to a website containing dangerous content.”
“This attack method involves checking whether systems with RSS client applications are configured to allow automatic downloads. If automatic downloads are permitted, the attacker only needs to add or modify an RSS feed pointing to a malicious website.”
Sancho predicts that attacking RSS feeds will be regarded as a passive download point, allowing attackers to easily bypass personal firewalls and other security barriers.
“The download process will continue even if the infecting virus has been detected. To escape this situation, users need a tool to detect and eliminate harmful configurations in the RSS client application.”
Therefore, this security expert recommends that companies consider implementing HTTP traffic management measures. For IT administrators, he suggests it is time to deploy software and hardware solutions to combat computer worm virus attacks.
Meanwhile, virus authors are seeking ways to spread their viruses as quickly as possible and exploit vulnerabilities as swiftly as they can.
Sancho also predicts that attacks using self-executing malicious code will become a new attack technique in virus campaigns.
