A critical security vulnerability affecting Firefox 3.5 has been discovered and published on the security portal Milw0rm under the title Firefox 3.5 Heap Spray Vulnerability. A proof-of-concept exploit has been provided. In short, the vulnerability can lead to remote code execution. The good news is that a security patch has already been published by Mozilla Links.
The security vulnerability can be fixed the following way. Type about:config into the Firefox address bar and press Enter. Filter for the term javascript.options.jit.content and double-click it to set it to false, which disables the Tracemonkey JavaScript engine. This could (and most likely will) reduce the JavaScript performance of the Firefox 3.5 web browser until an official security patch is provided by the Mozilla Firefox team.
The security patch is expected to be released soon by the Firefox development team. Stay tuned, we will keep you updated.
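To confirm the workaround is in place across several profiles, the following added example (not part of the original post) reads each profile's prefs.js and user.js and reports the state of javascript.options.jit.content. It assumes the profiles directory is passed as an argument and that an unset preference means the JIT is on, which is the Firefox 3.5 default.

```python
import re
import sys
from pathlib import Path

PREF = "javascript.options.jit.content"
# Matches lines such as: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')


def read_pref(path, name=PREF):
    """Return the last value set for `name` in one prefs file, or None."""
    try:
        text = Path(path).read_text(encoding="utf-8", errors="replace")
    except OSError:
        return None  # file missing or unreadable
    value = None
    for line in text.splitlines():
        m = PREF_RE.match(line)  # comment lines never match the pattern
        if m and m.group(1) == name:
            value = m.group(2)
    return value


def jit_status(profile_dir):
    """Classify one profile as 'disabled', 'enabled' or 'default-enabled'."""
    profile = Path(profile_dir)
    # user.js is applied on top of prefs.js at startup, so it takes priority.
    value = read_pref(profile / "user.js")
    if value is None:
        value = read_pref(profile / "prefs.js")
    if value is None:
        return "default-enabled"  # assumption: unset means the 3.5 default (on)
    return "disabled" if value == "false" else "enabled"


def audit(profiles_root):
    """Map each profile directory under profiles_root to its JIT status."""
    root = Path(profiles_root)
    return {p.name: jit_status(p) for p in sorted(root.iterdir()) if p.is_dir()}


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_jit.py <profiles-directory>")
    for name, status in audit(sys.argv[1]).items():
        print(f"{status:16} {name}")
```

Any profile reported as enabled or default-enabled still has the TraceMonkey JIT active for web content and needs the about:config change described above.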

Thanks for the update Martin. I think this must be led to my readers too :-). Cheers for Firefox users :)
Does this apply to both Mac and PC?
A question, Martin: when the official security patch is provided by the Mozilla Firefox team, do I have to put the settings back to the original settings before I patch? And if so, how? Or do I not have to worry about this and can I just patch over?
You need to reverse the changes manually. You can simply perform the same operation again (a double-click would change the setting from false to true again).
Only Windows vulnerable?
The Mozilla team is not mentioning the affected operating systems but it is very likely (from the choice of words used) that all supported operating systems are affected.
@Martin_July 15, 2009 at 5:26 pm
Indeed all platforms!
See https://bugzilla.mozilla.org/show_bug.cgi?id=503286
Product: Core
Component: JavaScript Engine
Version: 1.9.1 Branch
Platform: All All
Reason 201 to use Sandboxie…
Looking forwards to 351 (expected beginning of next week (week 30/2009) as to what I’ve read). Until then (but ONLY until then), javascript.options.jit.content set to false, sorry TraceMonkey!
Seems *really* critical, so better follow the temporary work-around.
Since it’s a JavaScript vulnerability, activated NoScript add-on in unknown sites already solved the problem, right?