Microsoft has stated that WebGL relies too much on third parties to facilitate the secure viewing of a website. They said that they had looked into WebGL previously and found that it "would have difficulty passing Microsoft's Security Development Lifecycle requirements" and that "the large attack surface exposed by WebGL remains a concern." The company said that it will not endorse WebGL "from a security perspective."
Many people are aware that Microsoft isn't part of the Khronos consortium that oversees development of WebGL technology and includes companies such as AMD, Apple, ARM, Intel, Nokia, Nvidia, Oracle, Samsung and Sony. They may not be aware, however, that now Microsoft is proclaiming that WebGL is insecure and opens users up to DDOS attacks.