Mozilla working to fix critical JavaScript vulnerability in Firefox 3.5

Mozilla confirmed that it is "working on a fix" for a recently discovered JavaScript vulnerability, "discovered last week in Firefox 3.5's Just-in-time (JIT) JavaScript compiler was disclosed publicly," the company explained in a statement. "It is a critical vulnerability that can be used to execute malicious code. The vulnerability can be exploited by an attacker who tricks […]

Mozilla confirmed that it is "working on a fix" for a recently discovered JavaScript vulnerability, "discovered last week in Firefox 3.5's Just-in-time (JIT) JavaScript compiler was disclosed publicly," the company explained in a statement. "It is a critical vulnerability that can be used to execute malicious code. The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code." The vulnerability can be mitigated by disabling the JIT in the JavaScript engine. To do so: Enter about:config in the browser’s location bar, Type jit in the Filter box at the top of the config editor, Double-click the line containing javascript.options.jit.content setting the value to false.