And like any good Microsoft application AJAX-based apps may also form a vulnerability in the security fabric of your network. Navaho Gunleg reports on DarkNet about how a hacker could use AJAX-based applications to execute some malicious operation on a visiting PC.
Business shouldn't get too paranoid about AJAX vulnerabilities and nor should it try and do something stupid like banning AJAX the way it's done with IM . A better approach is to work through the security community to understand AJAX's limitations and push your security suppliers to deliver the devices that can inspect AJAX content.
We can prevent malformed HTML or XML packets. AJAX is no different.