Mozilla stitched a security hole in Firefox 3.5, fixing a vulnerability in the browser after attack code targeting the vulnerability was made public earlier this week.
With Firefox 3.5.1, Mozilla fixes a critical flaw in the TraceMonkey JavaScript engine’s JIT (just-in-time) compiler that could be exploited to run arbitrary code. The vulnerability was reported last week, but took on new urgency for users when attack code for the bug became public while users waited on a fix.
“In certain cases after a return from a native function, such as escape(), the Just-in-Time (JIT) compiler could get into a corrupt state,” according to Mozilla. “This could be exploited by an attacker to run arbitrary code such as installing malware.”
If the patch cannot be deployed right away, there is a workaround for users. Mozilla recommends users disable JIT in the JavaScript engine and provides instructions on how to do so here. Firefox 3.5 is the only version of the browser vulnerable to the attack, as it is the only one with JIT.
Better than 20 other bugs were also fixed in the update, which can be downloaded here.