A newly-discovered critical flaw in Firefox 3.5's JavaScript compiler could be used to execute malicious code, Mozilla developers have admitted.
According to the Mozilla security blog, the vulnerability in the Just-in-time JavaScript compiler was discovered last week - just over a week after Firefox 3.5 was made available for download. The TraceMonkey JavaScript engine has been patched once already.
"Mozilla developers are working on a fix for this issue and a Firefox security update will be sent out as soon as the fix is completed and tested," Mozilla noted on its security blog.
In the mean time, users should either run Firefox in Safe Mode or disable the compiler. Mozilla gave instructions on how to do that here, but acknowledged it would hurt JavaScript performance. The flaw can only be exploited if a Firefox user visits a web page containing malicious code.
Click here for our review of Firefox 3.5 - and here to learn more about the browser.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Mozilla to cut 250 jobs as part of major coronavirus restructureNews The reorganisation has been made so the company can become faster, more innovative, and find more revenue streams
-
Mozilla re-hires veteran Mitchell Baker to serve as CEONews The interim chair and CEO formally rejoins the organisation after Chris Beard stepped down in December 2019
-
Mozilla fixes two Firefox zero-days being actively exploitedNews Critical vulnerabilities allow attackers to execute arbitrary code or trigger crashes
-
Firefox angers users with alarming Mr Robot pluginNews The opt-out extension led many users to believe they had been hacked
-
Mozilla doubles the speed of its browser with Firefox QuantumNews The browser is faster and makes use of your system resources better
-
Mozilla’s rebrand confuses web browsersNews Chrome, Safari and Firefox struggle with moz://a
-
Firefox ditches 404s in favour of archived pagesNews Mozilla's browser is trialling showing older versions of a webpage instead of an error message
-
Mozilla’s bid for Tor hack used in child porn case rejected
News Firefox maker will not be granted access to an exploit the FBI uncovered in Tor
