Firefox 3.5.1 released to fix major security problem

Filed Under: Firefox, Vulnerability

FirefoxAs Beth reported on the SophosLabs blog a couple of days ago, there has been a lot of concern about a vulnerability in the recently released Firefox 3.5.

The bug in Firefox 3.5's Just-in-time (JIT) JavaScript compiler was disclosed publicly, and could be exploited by hackers to run malicious code on your computer.

Mozilla, the makers of Firefox, suggested disabling JIT temporarily and others will have used the NoScript addon to increase their level of security.

However, what the Firefox-using world really wanted was a proper fix, and that's now arrived.

Mozilla has released version 3.5.1 of Firefox which reportedly fixes the critical vulnerability, and users are strongly recommended to upgrade as soon as possible.

By the way, if you're still living in the Stone Age and running Firefox 2.0, please be aware that that version hasn't been supported by Mozilla for some time now, and you won't be properly protected when you're surfing online.

The problem is that Firefox 2.0 doesn't shut itself down, you can carry on using it forever if you want - it's just that you won't benefit from any more security fixes. And in a world where attacks are increasingly web-based, that's not a good thing.

So, hear the message loud and clear. Update to Firefox 3.5.1.

,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.