Looks like there is a new unpatched flaw in Firefox. Been reading all over the web about it this morning, so wanted to share it with the Lunar-gang here.
Security notification firm Secunia reports that the security bug (which it describes as extremely critical) stems from errors in handling JavaScript code. The flaw has been confirmed in the latest 3.5 version of Firefox, released in late June.
Older versions of the popular alternative browser might also be affected, Secunia warns.
Exploit code has been uploaded onto recently revived security exploit website milw0rm, a factor that could hasten the development of more attack code.
Secunia advises Firefox users to avoid browsing untrusted websites or following untrusted links pending the availability of a fix from Mozilla (there’s nothing in the pipeline just yet).
Posted a fix that I found via Mashable.com on my Firefox Facts site here:
http://www.firefoxfacts.com/2009/07/15/new-unpatched-firefox-flaw/Here is the fix in question:
Until Mozilla addresses this vulnerability, here’s a temporary fix: Type about:config in Firefox address bar, and set “javascript.options.jit.content” to “false.”
Hope that helps!
