One of the big challenges for WebRTC is the lack of support in Internet Explorer. Even though it’s less than 55 percent of browsers in PCs, many organizations have blocked the download of Chrome or Firefox. However, a new hack has been found that opens IE up to security breaches by just going to a website and using Flash. In fact, the U.S. Homeland Security agency has recommended ceasing using IE until the hack is fixed.
FireEye Research Labs, a Milpitas, Calif. Internet security software company, found the hack. "We are currently unaware of a practical solution to this problem," the Department of Homeland Security's United States Computer Emergency Readiness Team said in a post.
The government recommends that users and administrators "consider employing an alternative Web browser until an official update is available." The breach point allows malicious hackers to get around security protections in Windows through IE. PCs can be infected when visiting a compromised website. The hack sends a corrupted Adobe Flash file to attack the victim's computer, so users can avoid it by turning off Adobe Flash. "The attack will not work without Adobe Flash," FireEye said. "Disabling the Flash plugin within IE will prevent the exploit from functioning." However, Flash is used in many video solutions instead of WebRTC.
For many enterprises, a better option is to start using a more complete solution like Chrome or Firefox, and that then includes WebRTC. With this hack, either companies can shut down all Internet access or change browsers. Hopefully this will both spur many more transitions to Chrome and Firefox, and will over time add to the pressure to include an open WebRTC implementation in IE.
Edited by Rachel Ramsey