According to Vulnerability Note VU#443060 issued by US-CERT (United States Computer Emergency Readiness Team), Mozilla Firefox 3.5 contains a highly critical security hole that allows hackers to execute malicious code.

Mozilla is already aware of this critical issue and stated: “This is a JS engine bug dealing with deep bailing not properly restoring the return value from the result of the (fast native) escape function. We then try to do something with the uninitialized memory and crash in the interpreter.” Mozilla advises disabling JIT in the JavaScript engine, which will decrease JavaScript performance. To disable the vulnerable component, type about:config in the browser’s location bar, type jit in the filter box, double-click the line containing javascript.options.jit.content, and set its value to false.
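To confirm that the setting has actually been applied in a profile, the check below reads the profile's preference files. It is an added example, not code from Mozilla or from the original post; the function names are hypothetical. It assumes that Firefox records changed preferences as user_pref(...) lines in prefs.js, that a user.js file overrides them at startup, and that the default for this preference is true.

```python
import re
import sys
from pathlib import Path

PREF = "javascript.options.jit.content"  # preference named in the post
# Matches lines such as: user_pref("some.name", false);
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')

def parse_prefs(text):
    """Return {name: raw value} for every user_pref line in a prefs file."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)  # commented-out lines do not match
        if m:
            prefs[m.group(1)] = m.group(2)  # a later line wins
    return prefs

def jit_content_disabled(prefs_js="", user_js=""):
    """True only when the effective value of PREF is false.

    Assumptions: user.js overrides prefs.js at startup, and a missing
    entry means the default (true, JIT enabled) is in effect.
    """
    effective = parse_prefs(prefs_js)
    effective.update(parse_prefs(user_js))
    return effective.get(PREF, "true") == "false"

def check_profile(profile_dir):
    """Apply the check to the prefs.js and user.js files of one profile."""
    def read(name):
        path = Path(profile_dir) / name
        return path.read_text(errors="replace") if path.is_file() else ""
    return jit_content_disabled(read("prefs.js"), read("user.js"))

# Constructed sample file contents, not taken from a real profile
SAMPLE_DEFAULT = 'user_pref("browser.startup.homepage", "about:blank");\n'
SAMPLE_MITIGATED = SAMPLE_DEFAULT + 'user_pref("' + PREF + '", false);\n'
SAMPLE_USER_JS = 'user_pref("' + PREF + '", true);\n'  # undoes the change

if __name__ == "__main__":
    for profile in sys.argv[1:]:  # profile directories to audit
        state = "disabled" if check_profile(profile) else "ENABLED"
        print(f"{profile}: content JIT {state}")
```

Run it with one or more profile directories as arguments; a profile reported as ENABLED either never had the change made or has a user.js that turns the JIT back on.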

The later Firefox 3.0 version is not affected because it doesn’t support the JIT (just-in-time) engine. This means I’m safe: I didn’t upgrade to 3.5 since I’m using a lot of Firefox plugins and some could not yet be supported. So until this highly critical issue is solved, I’m stuck with Firefox 3.0.

via Mozilla Security Blog
