Just 48 hours after the release of exploit code targeting a zero-day vulnerability in Firefox 3.5, Mozilla's security response team has rushed out a patch to protect users from code execution attacks.
With Firefox 3.5.1, rated a "critical" update, the open-source group corrects a browser crash that could result in an exploitable memory corruption problem.
In certain cases after a return from a native function, such as
escape(), the Just-in-Time (JIT) compiler could get into a corrupt state. This could be exploited by an attacker to run arbitrary code such as installing malware.
We would like to thank community members Lucas Kruijswijk and Nochum Sossonko for isolating the problematic script from the original crashing site.
This vulnerability does not affect earlier versions of Firefox which do not support the JIT feature.
Separately, a new version of Google Chrome was released to patch a pair of security flaws that could allow malicious code execution if a Chrome user simply surfs to a booby-trapped Web page.
The skinny from Google:
This error could cause the browser process (and all tabs) to crash or possibly allow arbitrary code execution with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.