Firefox 3.5.1 released to fix major security problem

by Graham Cluley on July 17, 2009 | Comments Off

Filed Under: Vulnerability

FirefoxAs Beth reported on the SophosLabs blog a couple of days ago, there has been a lot of concern about a vulnerability in the recently released Firefox 3.5.

The bug in Firefox 3.5's Just-in-time (JIT) JavaScript compiler was disclosed publicly, and could be exploited by hackers to run malicious code on your computer.

Mozilla, the makers of Firefox, suggested disabling JIT temporarily and others will have used the NoScript addon to increase their level of security.

However, what the Firefox-using world really wanted was a proper fix, and that's now arrived.

Mozilla has released version 3.5.1 of Firefox which reportedly fixes the critical vulnerability, and users are strongly recommended to upgrade as soon as possible.

By the way, if you're still living in the Stone Age and running Firefox 2.0, please be aware that that version hasn't been supported by Mozilla for some time now, and you won't be properly protected when you're surfing online.

The problem is that Firefox 2.0 doesn't shut itself down, you can carry on using it forever if you want - it's just that you won't benefit from any more security fixes. And in a world where attacks are increasingly web-based, that's not a good thing.

So, hear the message loud and clear. Update to Firefox 3.5.1.

Tags: ,

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.