Firefox 3.5 Vulnerability Rated 'Highly Critical'

Exploit code for a vulnerability in Firefox was posted online on Monday. Mozilla says it is working on a fix.
US-CERT on Tuesday warned about vulnerability in the new Firefox 3.5 browser that could allow a remote attacker to execute malicious code.

Proof-of-concept exploit code was posted Monday on, an exploit code aggregation site, so it's likely that the vulnerability is being actively exploited.

The vulnerability, discovered by Simon Berry-Byrne, is related to the way Firefox 3.5 processes JavaScript code.

Mozilla has acknowledged the vulnerability and has a fix that's being tested. "The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code," the company said on its security blog. "The vulnerability can be mitigated by disabling the JIT in the JavaScript engine.

To do this:

1) Enter about:config in the browser's location bar.

2) Type jit in the Filter box at the top of the config editor.

3) Double-click the line containing javascript.options.jit.content setting the value to false.

As an alternative, the NoScript plug-in, which disables all JavaScript in the browser, should also offer protection.

Secunia, a computer security company based in Denmark, rates the vulnerability "highly critical" and notes that older versions of Firefox may be affected as well.

F-Secure, a computer security company based in Finland, said in a blog post that its Exploit Shield security software blocks the exploit.

In an interview on Monday about a bug in Google's Chrome browser, Robert "RSnake" Hansen, CEO of SecTheory, a computer security consulting firm, criticized Firefox's security process as being less rigorous than Microsoft's. "For the most part, it's just a bunch of random dudes who are contributing to it," he said.

Nevertheless, Hansen said that Firefox, rather than Internet Explorer, was his browser of choice because it was better for hacking.

Johnathan Nightingale, whose business card says "human shield" -- he manages the front-end team for Firefox and security issues -- says he's proud of the work Mozilla does and that he can't compare Mozilla's efforts to Microsoft's because Microsoft's security process isn't open.

He notes that Mozilla devotes significant resources to security and that the company's security team has been growing. He welcomes those who want to contribute to Mozilla to make it more secure.

Black Hat is like no other security conference. It happens in Las Vegas, July 25-30. Find out more and register.