Internet Explorer 9 and Firefox 4 will support it, and Microsoft recently
touted its advantages. But the upcoming version of HTML, which builds rich
Internet application features into the Web programming language and shifts more
Web functions to the client machine, also could open up new Web attack vectors.
Security experts say HTML 5, which comes with rich Internet application
features baked in, will not only provide better performance and multimedia
features, such as video, but also will eliminate the need to manage and maintain
browser plug-ins, such as Adobe Flash. "These features are tied in at the design
stage," says Josh Abraham, security researcher with Rapid7. "You don't have to
load in a third-party plug-in and then upgrade it. Maintaining these third-party
[applications] has been a huge issue [for organizations]."