Thursday, April 21, 2005

Blogger comments are off

During my weekly read through Bugtraq, looking for apps I use that might need updating, I came across one for Blogger.

http://www.securityfocus.com/archive/1/394523/2005-03-29/2005-04-04/0
"...an attacker may inject executable code into
the archive page by posting a comment to the weblog because, while
Blogger automatically strips most HTML from comments, they do not strip
processing instructions."

I guess it doesn't matter if you use Blogspot to host your blog, but I don't. So I have disabled comments for now.
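The failure mode the advisory describes, as an added example that is not Blogger's code or part of the original post: a filter that only recognises element tags lets `<? ... ?>` through, while a hardened version removes processing instructions and escapes whatever is left. The function names, regexes and sample comment are constructed for illustration.

```python
import html
import re

# Element tags only: "<" must be followed by a letter (or "/" then a letter),
# so "<?target ...?>" never matches. This stands in for a filter that
# "strips most HTML" but has no rule for processing instructions.
ELEMENT_TAG = re.compile(r"</?[A-Za-z][^<>]*>")

# A processing instruction: "<?" up to the first "?>", or to the end of the
# input when it is never closed.
PROCESSING_INSTRUCTION = re.compile(r"<\?.*?(?:\?>|\Z)", re.DOTALL)


def strip_tags_only(comment: str) -> str:
    """Weak filter: removes element tags, leaves processing instructions."""
    return ELEMENT_TAG.sub("", comment)


def sanitize_comment(comment: str) -> str:
    """Hardened filter: drop PIs and tags, then escape the remainder.

    Escaping last matters: removing one PI can splice the surrounding
    characters into a new "<?", and escaping turns that into inert text.
    """
    without_pi = PROCESSING_INSTRUCTION.sub("", comment)
    without_tags = ELEMENT_TAG.sub("", without_pi)
    return html.escape(without_tags, quote=True)


def contains_pi(text: str) -> bool:
    """True if the text would still open a processing instruction."""
    return "<?" in text


if __name__ == "__main__":
    # Constructed sample comment with a harmless placeholder instruction.
    sample = "Nice post <b>bold</b> <?example-pi data ?> end"
    print("weak    :", strip_tags_only(sample))
    print("hardened:", sanitize_comment(sample))
```
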