Firefox releases update to fix severe vulnerability
Soon after the flaw was disclosed, an exploit based on the Metasploit framework began circulating in the wild, the SANS Internet Storm Center said Tuesday in a blog post.
If the patch cannot be applied immediately, users still running version 3.5 and below can apply a workaround for the vulnerability by disabling the Just-in-Time compiler, used to increase the runtime performance of Java, according to a Mozilla advisory.
More than 20 other minor bugs also were fixed in the update, according to Mozilla. It can be downloaded here.