Author Topic: New web browser exploit vector: WebGL

Tiffanys
New web browser exploit vector: WebGL
« on: May 09, 2011, 11:15:54 PM »
Quote
WebGL - A New Dimension for Browser Exploitation
James Forshaw
Summary

WebGL is a new web standard for browsers which aims to bring 3D graphics to any page on the internet. It has recently been enabled by default in Firefox 4 and Google Chrome, and can be turned on in the latest builds of Safari. Context has an ongoing interest in researching new areas affecting the security landscape, especially when it could have a significant impact on our clients. We found that:

   1. A number of serious security issues have been identified with the specification and implementations of WebGL.
   2. These issues can allow an attacker to provide malicious code via a web browser which allows attacks on the GPU and graphics drivers. These attacks on the GPU via WebGL can render the entire machine unusable.
   3. Additionally, there are other dangers with WebGL that put users’ data, privacy and security at risk.
   4. These issues are inherent to the WebGL specification and would require significant architectural changes in order to remediate in the platform design. Fundamentally, WebGL now allows full (Turing Complete) programs from the internet to reach the graphics driver and graphics hardware which operate in what is supposed to be the most protected part of the computer (Kernel Mode).
   5. Browsers that enable WebGL by default put their users at risk to these issues.


More here: http://www.contextis.co.uk/resources/blog/webgl/

Unless you actually want to see 3D stuff in your browser, and take the risk, you should disable WebGL. In Firefox, you can disable WebGL by typing about:config into the address bar, finding webgl.disabled and setting it to true.

mgz
Re: New web browser exploit vector: WebGL
« Reply #1 on: May 09, 2011, 11:33:42 PM »
noscript noproblem

dogsinafen
Re: New web browser exploit vector: WebGL
« Reply #2 on: May 10, 2011, 01:36:09 AM »
Even with noscript I'll still disable this option... Thanks for the info.

AceHigh
Re: New web browser exploit vector: WebGL
« Reply #3 on: May 10, 2011, 04:54:09 PM »
Thanks, peach.

NaRu
Re: New web browser exploit vector: WebGL
« Reply #4 on: May 11, 2011, 03:35:36 AM »
It's now off. Thanks for the tip.

kitamesume
Re: New web browser exploit vector: WebGL
« Reply #5 on: May 11, 2011, 01:39:09 PM »
I'd had countless instances of getting keyloggers and viruses. Well, viruses are indeed annoying, but I don't really mind, as long as most of my files are intact and my usual accounts don't get messed up so badly.

Anyway, I had all my ports opened, firewall off, anti-virus on monitoring mode only, and even have "accept all cookies" enabled. So far no virus for the past few months using Windows 7, better than using WinXP.


NaRu
Re: New web browser exploit vector: WebGL
« Reply #6 on: May 11, 2011, 04:31:34 PM »
Quote
I'd had countless instances of getting keyloggers and viruses. Well, viruses are indeed annoying, but I don't really mind, as long as most of my files are intact and my usual accounts don't get messed up so badly.

Anyway, I had all my ports opened, firewall off, anti-virus on monitoring mode only, and even have "accept all cookies" enabled. So far no virus for the past few months using Windows 7, better than using WinXP.

Just wear a sign saying "you can hack me if you want, as long as you don't delete my shit".