Firefox 3.5: Critical Vulnerability Uncovered, People Want it Nonetheless
The first security vulnerability affecting the recently released Firefox 3.5 browser has been discovered. The security issue in question is a JavaScript vulnerability that could be exploited by a person with malicious intent to execute code on the targeted machine – the rating the security vulnerability has been given by Mozilla is “critical”.
“A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly. It is a critical vulnerability that can be used to execute malicious code. The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine,” explained Mozilla.
The workaround provided by Mozilla, disabling the JIT in the JavaScript engine as mentioned above, is described below:
- Launch Firefox 3.5 and in the address bar type in about:config
- In the filter box, at the top of the config editor, type in jit
- Double-click the line containing javascript.options.jit.content setting the value to false.
By enabling this workaround you will ensure your system’s protection, at least until the Mozilla Foundation rolls out a security update. That’s the upside; the downside is that you will experience decreased JavaScript performance. Consequently, once an update resolving this issue is released, you should disable the workaround. The steps for doing so are described below:
- Launch Firefox 3.5 and in the address bar type in about:config
- In the filter box, at the top of the config editor, type in jit
- Double-click the line containing javascript.options.jit.content setting the value to true.
The truth of the matter is that security is an issue that affects all browsers out there. But the good folks in the US State Department don’t care about that; all they care is switching from Internet Explorer to Firefox. The issue came up at a recent town hall meeting where one government employee asked US Secretary of State Hilary Clinton if they could start using Firefox instead of Internet Explorer (video here – head straight to 26:30).
Tags: Mozilla, Firefox 3.5, Security, JavaScript
“A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly. It is a critical vulnerability that can be used to execute malicious code. The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine,” explained Mozilla.
Advertising
The workaround provided by Mozilla, disabling the JIT in the JavaScript engine as mentioned above, is described below:
- Launch Firefox 3.5 and in the address bar type in about:config
- In the filter box, at the top of the config editor, type in jit
- Double-click the line containing javascript.options.jit.content setting the value to false.
By enabling this workaround you will ensure your system’s protection, at least until the Mozilla Foundation rolls out a security update. That’s the upside; the downside is that you will experience decreased JavaScript performance. Consequently, once an update resolving this issue is released, you should disable the workaround. The steps for doing so are described below:
- Launch Firefox 3.5 and in the address bar type in about:config
- In the filter box, at the top of the config editor, type in jit
- Double-click the line containing javascript.options.jit.content setting the value to true.
The truth of the matter is that security is an issue that affects all browsers out there. But the good folks in the US State Department don’t care about that; all they care is switching from Internet Explorer to Firefox. The issue came up at a recent town hall meeting where one government employee asked US Secretary of State Hilary Clinton if they could start using Firefox instead of Internet Explorer (video here – head straight to 26:30).
Tags: Mozilla, Firefox 3.5, Security, JavaScript
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 28 Sep 2011
Great news for fans of properly good web browsers: the latest version of the Firefox browser to be released to the public is v 7.0
By George Norman on 05 Jan 2012
This is proof that there are a lot of threats on the web and the perfect example of why you should use a properly good security solution to secure your data against viruses and other malware
By George Norman on 08 Nov 2011
The Mozilla Foundation, the non-profit organization behind the Firefox web browser, set Nobember 8th as the release date for the final version of Firefox 8. This means that every user out there will be able to get version 8.0
By George Norman on 17 Nov 2011
We all know that the internet is a dangerous place. There are all sorts of nasties out there, from viruses and worms to scammers and cyber criminals. As a parent, it is your task to make sure that your children stay safe online. This means you have toAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Firefox 3.5: Critical Vulnerability Uncovered, People Want it Nonetheless
HTML Linking Code
HTML Linking Code