JavaScript flaw could allow for remote attacks
V3.co.uk, 15 Jul 2009
Mozilla is warning users and administrators of a critical JavaScript flaw in its Firefox 3.5 browser.
The company said that the problem exists in the browser's JavaScript tool within a component called 'just in time' (JIT). If exploited, the vulnerability could allow an attacker to remotely execute code on a targeted system.
Mozilla further warned that a working exploit has been publically released, increasing the risk of attacks occurring in the wild.
A Firefox security alert offers instructions on how to temporarily disable the JIT component through the browser's about:config menu. Doing so will slow JavaScript performance, however.
Users can also reduce the risk of attack by running the browser in Windows Safe Mode.
The flaw is the latest in a string of high-profile browser exploits in recent days. Last week Microsoft warned of a flaw in a video ActiveX plug-in that was actively being targeted in Internet Explorer, and yesterday the company reported a second vulnerable IE component, this time an Office plug-in, that was being targeted by attackers.
Codefend could save money by catching security problems early on
Microsoft has given advance warning of a number of security fixes
Obsolete system could increase the risk of identity theft
Storage-as-a-Service:
Best efforts or best practice?
IDG research: IT professionals understand the fundamentals of managing and
protecting data, but do not apply best practices
The
seven security myths of Microsoft Windows 7
It is essential to separate myth from reality about the built-in security of
Microsoft’s latest offering
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you thousands of white papers, case studies and analyst reports.
Tools help migrate Notes/Domino workflows to cloud-based alternatives
Watchdog criticises ISP for failing to inform customers of trial
Do you agree?
Have your say on this article