Firefox update addresses critical security hole

Status
Not open for further replies.
Jos

Jos

Posts: 3,073   +97
Staff

Mozilla has just released an updated version of its popular open source browser software to address a security vulnerability that had become the target of several attacks in recent days. Firefox 3.5.1 patches a critical flaw in the new TraceMonkey JavaScript engine’s just-in-time (JIT) compiler, which was discovered last week and publicly disclosed just three days ago.

Exploit code for the vulnerability was posted online this past Tuesday, so kudos to Mozilla for acting swiftly on what might otherwise have been a potentially nasty problem – enabling attackers to install malware on vulnerable machines. This update also appears to fix a number of other stability and security issues. Users who have turned off automatic updates can use the “Check for Updates...” feature under Help or choose the appropriate OS below to download.

If you followed our advice on how to avoid infection and disabled the JIT compiler, you might want to revert things to speed up your browser’s JavaScript performance. Just enter “about:config” in the address bar and double-click the line containing “javascript.options.jit.content”, which should change the value to “true”.

Download: Firefox 3.5.1 for Windows | Mac OS X | Other systems and languages

Permalink to story.

https://www.techspot.com/news/35500-firefox-update-addresses-critical-security-hole.html

 
This makes me wonder how many other security flaws are in it that they don't know about yet. This is one reason why I stopped using IE, now will FF start having the same problems ? I might go back to text only browsing !
 
fastvince said:
This makes me wonder how many other security flaws are in it that they don't know about yet. This is one reason why I stopped using IE, now will FF start having the same problems ? I might go back to text only browsing !
Click to expand...

Well, considering there have only been a handful of documented security issues that are actually wholly related to FF, and not general Windows type (or java) security flaws that all browsers suffer from, I think FF is still the safer bet... Considering I've lost count of how many IE bugs, flaws, and exploits have been found and patched over the years - and, of course, how many times IE has crashed or locked up on me, compared to FF.

It always amused me when MS would come out with the "newest greatest most stable EVAR" version of IE, and then it would crash consistently trying to load the MSN page... Irony.
 
Between Flashblock, Adblock, and me only turning on Java when I know I want it, I already do text only browsing.

As Firefox's market share continues to increase, the threats against it will as well. Problem here is that Opera sucks too much to move on to LOL.
 
This is one of the MAIN reasons as to why I love FireFox and any open source app or operating system for that matter. Measure the time frame as to how long it took for the public community to fix a security threat problem. Really quick. If this was proprietary software like MS IE I'm sure that it would take them a lot longer for them to launch an update to fix a problem. Or perhaps they would launch it later on with a total package of a service pack update for the whole OS. I only wished that some 3rd party app (especially from the graphic field) would work properly on open source OS cause only then I would be gladly to move from MS to Linux in a heart beat.
 
a little too late... it was this fault that caused my hard drive to lose its entire contents. thanks for nothing Firefox.
Next release, DON'T rush to get it out there; let firefox users decide what all they want to be part of the update.
 
tengeta said:
Between Flashblock, Adblock, and me only turning on Java when I know I want it, I already do text only browsing.

As Firefox's market share continues to increase, the threats against it will as well. Problem here is that Opera sucks too much to move on to LOL.
Click to expand...
"No Script" already kills flash, so with that extension "Flash Block" is redundant. And you're correct, (to a certain extent) about Opera. But, only by virtue of the fact that it doesn't have the same security add-ons available that FF does.

Most users would consider text only browsing as way too bland, and for most everyday uses, impractical.
 
fastvince said:
This makes me wonder how many other security flaws are in it that they don't know about yet. This is one reason why I stopped using IE, now will FF start having the same problems ? I might go back to text only browsing !
Click to expand...


no browser is perfect,every single one out there has a flaw.
thats why there are newer versions and patches
 
Status
Not open for further replies.

Similar threads

A
Some QNAP NAS devices affected by a critical vulnerability, updates available right now
Replies
4
Views
175
Puiu
Puiu
Shawn Knight
White House warns of cyberattacks targeting critical US water systems
Replies
3
Views
142
Athlonite
Athlonite
Daniel Sims
PSA: You should update your iPhone, iPad, or Mac now
Replies
2
Views
244
Thatsdisgusting
T

Latest posts

Back