The fact that this kind of attack can easily be launched from even a trusted site, by way of a blog comment that includes rogue code, makes it all the more dangerous. It is not something restricted to rogue bloggers by any means.
Although it is easy to lay the blame on RSS reader software developers for not building in better security checks from day one, the real problem runs deeper than that. The root of the problem is, it has to be said, not RSS software at all but rather the lack of understanding of IT security at its most basic level, and the apparent inability of the average user to realize the very real risk that this lack of understanding poses to their very real personal data.
If you can, disable scripts and applets from launching in-feed.
Combining this with general safe computing practice, including running a firewall and anti-malware scanners, represents the best defense.
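What "disabling in-feed script and applets" amounts to on the reader side, as an added example that is not from the original article or from any particular RSS reader: an allowlist filter applied to each feed item's HTML before it is rendered. The tag, attribute and scheme lists and the function names are assumptions made for this sketch.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist for this sketch; anything not listed is dropped.
ALLOWED_TAGS = {"p", "br", "a", "b", "i", "em", "strong", "ul", "ol", "li", "blockquote"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_SCHEMES = {"http", "https", "mailto"}
DROP_WITH_CONTENT = {"script", "style", "applet", "object", "iframe"}  # tag and contents go

def safe_href(value):
    try:  # fail closed: relative, unparsable and script-scheme URLs are rejected
        return urlsplit((value or "").strip()).scheme.lower() in SAFE_SCHEMES
    except ValueError:
        return False

class FeedSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.removed, self.depth = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.depth += 1  # suppress everything until the matching end tag
            self.removed.append(tag)
        elif not self.depth and tag in ALLOWED_TAGS:
            kept = ""
            for name, value in attrs:
                if name in ALLOWED_ATTRS.get(tag, ()) and (name != "href" or safe_href(value)):
                    kept += f' {name}="{escape(value or "", quote=True)}"'
                elif name.startswith("on") or name == "href":
                    self.removed.append(name)  # event handler or unsafe link
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.depth = max(0, self.depth - 1)
        elif not self.depth and tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.depth:
            self.out.append(escape(data, quote=False))

def sanitize_item(fragment):
    s = FeedSanitizer()
    s.feed(fragment)
    s.close()
    return "".join(s.out), s.removed  # (clean HTML, what was stripped)

# Constructed sample: a blog comment carried into a feed item with active content.
SAMPLE = ('<p>Hi <a href="https://example.org/x" onclick="t()">link</a></p><script>alert(1)</script>'
          '<applet code="X.class"></applet><a href="javascript:alert(1)">click</a>')
```

The `removed` list doubles as a detection signal: a feed from an otherwise trusted site that suddenly yields `script` or `applet` entries is worth flagging to the user.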