Firefox 3.5: Critical Vulnerability Uncovered, People Want it Nonetheless
Article by George Norman
On 16 Jul 2009
The first security vulnerability affecting the recently released Firefox 3.5 browser has been discovered. The security issue in question is a JavaScript vulnerability that could be exploited by a person with malicious intent to execute code on the targeted machine – the rating the security vulnerability has been given by Mozilla is “critical”.

“A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly. It is a critical vulnerability that can be used to execute malicious code. The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine,” explained Mozilla.

Advertising

The workaround provided by Mozilla, disabling the JIT in the JavaScript engine as mentioned above, is described below:
- Launch Firefox 3.5 and in the address bar type in about:config
- In the filter box, at the top of the config editor, type in jit
- Double-click the line containing javascript.options.jit.content setting the value to false.

By enabling this workaround you will ensure your system’s protection, at least until the Mozilla Foundation rolls out a security update. That’s the upside; the downside is that you will experience decreased JavaScript performance. Consequently, once an update resolving this issue is released, you should disable the workaround. The steps for doing so are described below:

- Launch Firefox 3.5 and in the address bar type in about:config
- In the filter box, at the top of the config editor, type in jit
- Double-click the line containing javascript.options.jit.content setting the value to true.

The truth of the matter is that security is an issue that affects all browsers out there. But the good folks in the US State Department don’t care about that; all they care is switching from Internet Explorer to Firefox. The issue came up at a recent town hall meeting where one government employee asked US Secretary of State Hilary Clinton if they could start using Firefox instead of Internet Explorer (video here – head straight to 26:30).



Tags: Mozilla, Firefox 3.5, Security, JavaScript
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Firefox 3.5: Critical Vulnerability Uncovered, People Want it Nonetheless
HTML Linking Code