A recent report by the independent information security consultancy Context reveals that the new graphics engine WebGL, which is enabled by default in Firefox 4 and Google Chrome, opens the browsers to serious attacks, including the remote execution of malicious code.
Based on this report, the US Computer Emergency Readiness Team (US-CERT) advice users to review the report and disable WebGL in their browsers to help mitigate the risks.
For your information, WebGL is a new web technology that brings hardware-accelerated 3D graphics to the browser without installing additional software. It is enabled by default in Firefox 4 and Google Chrome and is included in Safari and Opera.
For Firefox 4: Run Firefox and type about:config in the address bar and continue with warning dialog. Type Webgl in the Filter box and double click webgl.disabled to set its value to true.