We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Firefox 3.5 users vulnerable to Javascript attack

Critical bug opens door to hackers

A critical flaw in the way Firefox 3.5 handles Javascript opens the door to a serious attack, according to security vulnerability tracker Secunia.

Sample exploit code is already available online, so while there aren't yet any reports of active attacks against this new flaw, there soon could be. Such an assault would likely take the form of a poisoned web page that uses behind-the-scenes attack code to trigger the flaw.

The Washington Post's Security Fix has posted a workaround to protect against the flaw while Mozilla prepares a patch. The temporary fix disables a new Javascript processing feature in Firefox 3.5, which Security Fix says will slow down Javascript handling but protect against this exploit.

See Brian Krebs' post for instructions.

Firefox 3.0 users who haven't yet upgraded shouldn't be vulnerable to this flaw, and won't find the setting that Krebs describes.

Download FREE whitepapers:

Ten tips on security

Make sure your network is secure

PC security advice


IDG UK Sites

Spotify launches on PS4 as Tidal arrives on Sonos: It's Tidal vs Spotify music streaming

IDG UK Sites

It's World Backup Day 2015! Don't wait another minute: back up now

IDG UK Sites

Adobe Comp CC iPad app review

IDG UK Sites

April Fool's Day pranks: play these geeky pranks on April Fools Day and fool your friends