According to the browser's developers, hackers could have used this flaw to run malicious code on the user's computer, a process known as Remote Code Execution.
The vulnerability was found just days after the browser was released end of June but Mozilla decided against making it public until the beginning of the week. A patch was generated within 48 hours.
Mozilla also incorporated a number of stability props in this update which will also solve an issue that "was making Firefox take a long time to load on some Windows systems". A total of 22 bugs have been ironed out with this version.
As usual, users are strongly urged to download and install the latest browser. However, disabling the Just-In-Time compiler should solve the issue which affects all platforms.
and join more than 1700 other followers.
Neither Mozilla nor any other projects of this site are immune to vulnerabilities. It is to Mozilla's credit that they managed to push out a patch that quickly. For those interested, Firefox has a nightly build which is basically the latest version of the browser; a bit raw but it gives you an idea of what is in store.
Firefox 3.5.1 Update Now Available
Firefox releases update to fix severe vulnerability
Firefox 3.5.1 fixes critical security flaw
Mozilla plugs Firefox web browser security hole
Mozilla fixes Firefox zero-day vulnerability