Can there theoretically be any possible malicious code hidden in .ics files, which would steal your calendar data or something similar? For an example case, we'd be importing the .ics file into Google Calendar.
Asked
Active
Viewed 2,965 times
3 Answers
3
The real risk here would be the application importing the .ics file, the file in itself is harmless. Only if that application would improperly handle parts of the file content you would be at risk. With Google Calendar, I think those chances are very, very slim.
Teun Vink
- 6,788
- 2
- 27
- 35
2
Yes.
If the application importing the ICUS file had a vulnerability that a malicious ICS file took advantage of that could open up various possibilities for code execution. That's true for any application that reads data.
Swashbuckler
- 2,115
- 8
- 9
0
An .ics or .ical file absolutely can be harmful. They can contain many calendar events containing weaponized links. The result can be an annoying amount of appointment reminders containing links. Be very careful with these files and how they are delivered.
Tim Rice
- 1
-
2Links inside an invite are not in scope of the question. – schroeder Jun 03 '21 at 10:39