Mozilla confirms critical security flaw in Firefox 3.5

Posted by Percy Cabello on July 14th, 2009 • Tags:

Mozilla has confirmed a critical security vulnerability disclosed yesterday by Milworm, that may lead to remote code execution.

As it is related to the new TraceMonkey JavaScript optimizer, users can mitigate it by temporarily disabling the optimizer. To do so:

Enter about:config in the location bar to access advanced preferences.
Look for javascript.options.jit.content and double click it to set it to false.

Mozilla reports that they are already working on a fix for the flaw and it will be released as soon as it becomes available.

Comments

Firefox 3.5.1 due this week to fix security and slow startup bugs - Mozilla Links said on July 15, 2009, 8:21 pm:

[...] has confirmed that it will release the first update for Firefox 3.5 later this week to address a critical security vulnerability disclosed a couple of days ago that could lead to malicious code [...]

Recent Posts

Mozilla Links Editions

Mozilla Pages

Other Mozilla Blogs