Tag Archives: Firefox

Microsoft Internet Explorer has long been criticized as ‘insecure’ and vulnerable to attack while Mozilla Firefox was touted as the browser to use to keep your web browsing and your computer safe. It doesn’t appear that this is the case any longer. Make sure you apply all available patches as soon as they become available–for all your software–to keep your computer secure and less vulnerable to attack.

07.14.09 – 10:15am

Issue

A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly yesterday. It is a critical vulnerability that can be used to execute malicious code.

Impact

The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine. To do so:

1. Enter about:config in the browser’s location bar.
2. Type jit in the Filter box at the top of the config editor.
3. Double-click the line containing javascript.options.jit.content setting the value to false.

Note that disabling the JIT will result in decreased JavaScript performance and is only recommended as a temporary security measure.  Once users have been received the security update containing the fix for this issue, they should restore the JIT setting to true by:

1. Enter about:config in the browser’s location bar.
2. Type jit in the Filter box at the top of the config editor.
3. Double-click the line containing javascript.options.jit.content setting the value to true.

Alternatively, users can disable the JIT by running Firefox in Safe Mode.  Windows users can do so by selecting Mozilla Firefox (Safe Mode) from the Mozilla Firefox folder.  Read more... (317 words, 5 images, estimated 1:16 mins reading time)

Share/Bookmark