Mozilla has released an update version of Firefox that addresses a previously unpatched flaw that has become the target of hacking attacks over recent days.

Firefox 3.5.1, released on Thursday, resolves a Just-in-Time (JIT) JavaScript compiler flaw in version 3.5 of the popular open source browser software, as explained in Mozilla's advisory here. Exploits based on the vulnerability were posted on a security site on Tuesday so Mozilla deserves credit for acting promptly on what might otherwise have been a potentially nasty problem that posed memory corruption and malware injection risks.

The latest update also corrects a performance issue that resulted in slow start-up on Windows systems.

Users are advised to apply the update, remembering to re-enable the Just-in-Time compiler in cases where Mozilla's previously suggested workaround has been applied. ®

Related stories

• Post-Vista Windows flaw creates Blue Screen risk (8 September 2009)
• MS Zero-day security bug was two years in the making (14 August 2009)
• Mozilla Store shuttered after vendor security breach (5 August 2009)
• Adobe promises fix for critical Flash hole next week (24 July 2009)
• Firefox laggards offered security update (22 July 2009)
• Mozilla downplays risk from unpatched flaw (20 July 2009)
• Memory-hogging bug offers universal browser crash exploit (17 July 2009)
• Updated Unpatched Firefox flaw lets fox into henhouse (14 July 2009)
• Orange UK exiles Firefox from call centres (8 July 2009)
• Firefox 3.5 patch coming soon as Mozilla cranks up downloads (3 July 2009)
• Chrome update completes busy browser patch week (12 June 2009)
• Firefox update squashes 9 security bugs, 4 critical (12 June 2009)
• Firefox users flip out over sneak MS add-on (1 June 2009)