Dangerous WebGL Flaws Haunt Chrome and Firefox

16.06.2011

Andrew Brandt, lead threat research analyst for , points out, "The simplest thing is to just disable WebGL in your browser. There's no need to avoid using Firefox or Chrome just because they support WebGL, but I'd definitely recommend disabling it for the time being."

Brandt adds that there is little incentive to leave WebGL enabled when few sites actually rely on the technology and there are known security issues to contend with. He says, "Leaving it enabled is just inviting trouble."

Tim 'TK' Keanini, CTO of , points out, though, that Firefox and Chrome are at least in a more agile position when it comes to responding to threats. "What Chrome and Firefox have going for them is they have a cheap, fast way to update their products. The bad guys want to keep any zero-days they find secret because once the bug is out there it gets fixed much faster with these tools than with other systems."

Organizations should disable WebGL until the standard, and the individual browsers' implementations of it, change in ways that close these security holes. Doing so will limit the capabilities of the browser and the overall Web experience, but that is preferable to leaving systems exposed to unnecessary risk. An alternate solution is to consider adopting a browser that does not support or rely on WebGL--.