Forum Moderators: open
The US Computer Emergency Readiness Team is advising users of the Mozilla Firefox and Google Chrome browsers to disable a recently added graphics engine that can be exploited to take control of end user computers.
The web standard known as WebGL opens the browsers to serious attacks, including the remote execution of malicious code, independent research consultancy Context Information Security recently warned. The technology made its debut in version 9 of Chrome and was added to the recently released Firefox 4. WebGL is also present in builds of Opera and Apple's Safari.
In Firefox 4, type "about:config" (minus the quotes) into the address bar and set webgl.disabled to true.
In Chrome, get to the command line of your operating system and add the --disable-webgl flag to the Chrome command. On a Windows machine, the command line would be "chrome.exe --disable-webgl"
