Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Just Posted: "Stopgap Fix for Critical Firefox 3.5 Security Hole"
The Washington Post ^ | July 14, 2009 | Brian Krebs

Posted on 07/14/2009 10:35:08 AM PDT by CedarDave

... until Mozilla can ship an update to quash this bug, Security Fix is posting instructions to help readers protect themselves from this vulnerability.

~~snip~~

Fortunately, there is a relatively easy fix for this that can be reversed once Mozilla issues a patch. To disable the vulnerable component, open up a new Firefox window and type "about:config" (without the quotes) in the browser's address bar. In the "filter" box, type "jit" and you should see a setting called "javascript.options.jit.content". You should notice that beside that setting it reads "true," meaning the setting is enabled. If you just double-click on that setting, it should disable it, changing the option to "false." That's it.

(Excerpt) Read more at voices.washingtonpost.com ...


TOPICS: Computers/Internet
KEYWORDS: firefox; firefox35; mozilla
Krebs says that making this change will slow down Javascript rendering in Firefox 3.5 to 3.0 speeds but the tradeoff of speed vs. security may be worth it for most users.
1 posted on 07/14/2009 10:35:08 AM PDT by CedarDave
[ Post Reply | Private Reply | View Replies]

To: ShadowAce
Tech PING!

Link to earlier thread:

Unpatched Firefox flaw lets fox into henhouse

2 posted on 07/14/2009 10:36:31 AM PDT by CedarDave (Obama's EPA wants to get rid of cows: They emit CO2 from the front end and CH4 from the rear.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CedarDave

mark


3 posted on 07/14/2009 10:38:40 AM PDT by Christian4Bush (The difference between Lincoln and Obama: Lincoln freed slaves. Obama is out to make them.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CedarDave

Anything that fixes the util rate hog issues? This 3.5 browser just loves to peg my machine at 100%!


4 posted on 07/14/2009 10:42:25 AM PDT by TWohlford
[ Post Reply | Private Reply | To 1 | View Replies]

To: CedarDave

mark


5 posted on 07/14/2009 10:43:29 AM PDT by tgusa (Gun control: deep breath, sight alignment, squeeze the trigger ....)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Christian4Bush

I’m sticking with 3.0.11 for a while.


6 posted on 07/14/2009 10:43:45 AM PDT by CedarDave (Obama's EPA wants to get rid of cows: They emit CO2 from the front end and CH4 from the rear.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: TWohlford

Seem’s like a common complaint of this and earlier FF versions. Mine will peak sometimes and very rarely will freeze meaning I do a ctrl-alt-del to shut it down. Most of the time it is due to a video I’m trying to play or download.


7 posted on 07/14/2009 10:46:58 AM PDT by CedarDave (Obama's EPA wants to get rid of cows: They emit CO2 from the front end and CH4 from the rear.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: CedarDave

FWIW, how does one revert back to 3.0.11?


8 posted on 07/14/2009 10:47:00 AM PDT by woollyone (I believe God created me- you believe you're related to monkeys. Of course I laughed at you!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: TWohlford

BTW, when my little green box in the system tray (ctrl-alt-del, Options, “hide when minimized”) goes and stays green, I know I have a problem. That’s the best quick indicator that I know of.


9 posted on 07/14/2009 10:53:35 AM PDT by CedarDave (Obama's EPA wants to get rid of cows: They emit CO2 from the front end and CH4 from the rear.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: CedarDave; ShadowAce
Krebs says that making this change will slow down Javascript rendering in Firefox 3.5 to 3.0 speeds but the tradeoff of speed vs. security may be worth it for most users.

Going to have to remember (ping?) to set it back to true after the fix comes out. Or, will the fix automatically reset it to true?

10 posted on 07/14/2009 10:57:17 AM PDT by raybbr (It's going to get a lot worse now that the anchor babies are voting!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

11 posted on 07/14/2009 10:58:23 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: woollyone
Need to downgrade from 3.5 to 3.0

You might want to check out some of the other links on the right sidebar at that page.

12 posted on 07/14/2009 10:58:43 AM PDT by CedarDave (Obama's EPA wants to get rid of cows: They emit CO2 from the front end and CH4 from the rear.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: woollyone

Just follow the about:config option. Also, if you’re not already doing so, you need to run an extension such as NoScript. NS allows you to whitelist/blacklist Java and Java script. It’s also granular. Meaning: Some websites can have javascripts from third parties running (google analytics for example) and NS allows you to pick and choose what scripts are allowed to run for any given site.


13 posted on 07/14/2009 11:00:47 AM PDT by AFreeBird
[ Post Reply | Private Reply | To 8 | View Replies]

To: raybbr

Have no idea, but would suspect you will have to reset the switch to “true” to enable the patched Tracemonkey script.


14 posted on 07/14/2009 11:02:46 AM PDT by CedarDave (Obama's EPA wants to get rid of cows: They emit CO2 from the front end and CH4 from the rear.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: TWohlford

I only have 512MB of memory, run XP Home, and have had 3.5 since the day it was released - and both computer and browser run very fast.

This is a 2004 Dell Computer, so hardly state-of-the-art hardware.

Not sure why so many folks are having trouble with this version of FF hogging memory.

FF consistently uses around 75MB of memory (virtual memory is appx. 190MB).


15 posted on 07/14/2009 11:08:23 AM PDT by library user
[ Post Reply | Private Reply | To 4 | View Replies]

To: Abigail Adams

Bookmark for later.


16 posted on 07/14/2009 11:16:04 AM PDT by Abigail Adams
[ Post Reply | Private Reply | To 15 | View Replies]

To: CedarDave

thx. Started using Safari till this got fixed, but will use this workaround.


17 posted on 07/14/2009 11:27:33 AM PDT by Betis70 (Keep working serf, Zero's in charge)
[ Post Reply | Private Reply | To 1 | View Replies]

To: CedarDave

Now if somebody’d just update the DoD Configuration add-on so I can keep using Firefox while checking email from my civilian office, I’d be happy...

Colonel, USAFR


18 posted on 07/14/2009 11:34:24 AM PDT by jagusafr (Kill the red lizard, Lord! - nod to C.S. Lewis)
[ Post Reply | Private Reply | To 1 | View Replies]

To: AFreeBird

already run NS and adblock

love ‘em both.


19 posted on 07/14/2009 11:53:19 AM PDT by woollyone (I believe God created me- you believe you're related to monkeys. Of course I laughed at you!)
[ Post Reply | Private Reply | To 13 | View Replies]

To: CedarDave

ty!


20 posted on 07/14/2009 11:53:27 AM PDT by woollyone (I believe God created me- you believe you're related to monkeys. Of course I laughed at you!)
[ Post Reply | Private Reply | To 12 | View Replies]

To: CedarDave

Thanks for this information!


21 posted on 07/14/2009 1:52:28 PM PDT by markedmannerf
[ Post Reply | Private Reply | To 1 | View Replies]

To: woollyone

Filehippo.com has every version in incrementals back at least 1.5 if you need them


22 posted on 07/14/2009 2:17:30 PM PDT by Lucian (I am, therefore, I'll think)
[ Post Reply | Private Reply | To 8 | View Replies]

To: CedarDave

OFF TOPIC: FF 3.5 is horrible on 64 bit Win 7. Stalls, crashes, jumping, jittery, etc.

Then again, IE 8 (64) isn’t much better, and there is no Flash available for it yet, either.


23 posted on 07/15/2009 8:55:25 AM PDT by papasmurf (Save us from 0bama, I prayed. Then I heard, "the 2nd, I saved")
[ Post Reply | Private Reply | To 1 | View Replies]

To: papasmurf

bookmark


24 posted on 07/16/2009 3:31:49 PM PDT by Unrepentant VN Vet (Only things in the middle of the road are paint stripes and roadkill.)
[ Post Reply | Private Reply | To 23 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson