What I find amusing behind this is that though Microsoft does not support it, it instead supports Internet Explorer, which has many, many more vulnerabilities all on its own. I believe this is a case of cleaning the log out of ones own eye before pointing out the spec in another person's. Though I can see this as a vulnerability, WebGL can simply update to not allow specific issues to take place. In the grand scheme of things, if the only issue a user has is remote rebooting and a DoS, then the software is plenty secure. Skiddies can DDoS you whenever they please anyhow. It would be far too much work to utilize WebGL for such a simple task.
As long as WebGL can secure their software so it cannot install backdoors and the such, it should be supported. Internet Explorer does not support that much and takes only a few lines of code to extract passwords from...
Edited by Thunder7102, 29 June 2011 - 10:28 PM.