66,726 News Articles

Firefox 3.5 users vulnerable to Javascript attack

Critical bug opens door to hackers

By | PC World | 15 July 09

A critical flaw in the way Firefox 3.5 handles Javascript opens the door to a serious attack, according to security vulnerability tracker Secunia.

Related Articles

Sample exploit code is already available online, so while there aren't yet any reports of active attacks against this new flaw, there soon could be. Such an assault would likely take the form of a poisoned web page that uses behind-the-scenes attack code to trigger the flaw.

The Washington Post's Security Fix has posted a workaround to protect against the flaw while Mozilla prepares a patch. The temporary fix disables a new Javascript processing feature in Firefox 3.5, which Security Fix says will slow down Javascript handling but protect against this exploit.

See Brian Krebs' post for instructions.

Firefox 3.0 users who haven't yet upgraded shouldn't be vulnerable to this flaw, and won't find the setting that Krebs describes.

Download FREE whitepapers:

Ten tips on security

Make sure your network is secure

PC security advice

Share this article




Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.


IDG UK Sites
Tesco to launch Hudl tablet next week with budget price

Tesco to launch Hudl tablet next week with budget price

IDG UK Sites
iOS 7: 22 of the best, most amazing, features coming to Apple's iPhone

iOS 7: 22 of the best, most amazing, features coming to Apple's iPhone

IDG UK Sites
How additional e-ink displays might help win the smartphone and laptop battery battle

How additional e-ink displays might help win the smartphone and laptop battery battle

IDG UK Sites
Hands on: Adobe's Mighty and Napoleon drawing hardware for iPad, coming 2014

Hands on: Adobe's Mighty and Napoleon drawing hardware for iPad, coming 2014

* *