Critical Patch for Firefox

Yesterday Mozilla released Firefox 3.5.1 to fix a critical JavaScript vulnerability in Firefox. It has been confirmed that this is the only thing that changed in the updated version from the previous version of Firefox (Firefox 3.5). The update is available for direct download or in the update menu option. The bug is in the browser’s JavaScript compiler (“Just In Time” engine) which is the source for the claimed improvement in speed. The flaw allowed hackers to put the JIT engine into a corrupt state letting them run malicious code, such as malware.

Since the JIT engine is only available in Firefox 3.5, older versions don’t have this problem.

There will be an upcoming series of security posts to guide you to be a more secure user.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: