Issue
A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly yesterday. It is a critical vulnerability that can be used to execute malicious code.
Impact
The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine. To do so:
- Enter
about:config
in the browser’s location bar. - Type
jit
in the Filter box at the top of the config editor. - Double-click the line containing
javascript.options.jit.content
setting the value to false.
Note that disabling the JIT will result in decreased JavaScript performance and is only recommended as a temporary security measure. Once users have been received the security update containing the fix for this issue, they should restore the JIT setting to true by:
- Enter
about:config
in the browser’s location bar. - Type
jit
in the Filter box at the top of the config editor. - Double-click the line containing
javascript.options.jit.content
setting the value to true.
Alternatively, users can disable the JIT by running Firefox in Safe Mode. Windows users can do so by selecting Mozilla Firefox (Safe Mode)
from the Mozilla Firefox folder.
Status
Mozilla developers are working on a fix for this issue and a Firefox security update will be sent out as soon as the fix is completed and tested.
Credit
Zbyte reported this issue to Mozilla and Lucas Kruijswijk helped reduce the exploit test case.
Update: This vulnerability has been fixed in Firefox 3.5.1, released Thursday, July 16, 2009
paefrati
wrote on
Zirro
wrote on
BKF
wrote on
Maarten
wrote on
Maarten
wrote on
Britt
wrote on
glenn
wrote on
nemo
wrote on
Luiz
wrote on
Woody
wrote on
hkpk
wrote on
Fausty | torrentfreedom
wrote on
Spade
wrote on
Cat
wrote on
A
wrote on
Kevin
wrote on
mercohaulic
wrote on
Daniel Veditz
wrote on
Jim Davis
wrote on
Daniel Veditz
wrote on