Critical Firefox 3.5 javascript exploit surfaces
By secgeeks - Posted on July 15th, 2009
280
vote
In just over two weeks, Firefox 3.5 has been downloaded almost 28 million times. And yes, 3.5 boasts greatly improved JavaScript performance.
Unfortunately, the JIT compiler also sports a critical weakness in its current state. A web site containing the correct exploit code (which has been shared by Simon Berry at milw0rm.com) could allow an attacker to execute arbitrary code on vulnerable systems.
For the time being, you can disable the JIT compiler to protect yourself. Open about:config in Firefox , type jit in the search box, and double-click javascript.options.jit.content. Set the value to false. Doing this will reduce JavaScript performance, but will close up the hole until it is officially patched.
Continue reading here....
Bookmark/Search this post with:
Recent comments
30 weeks 5 days ago
33 weeks 2 days ago
1 year 2 weeks ago
1 year 2 weeks ago
1 year 2 weeks ago
1 year 18 weeks ago
1 year 34 weeks ago
2 years 25 weeks ago
2 years 26 weeks ago
2 years 28 weeks ago