Jar Jar links. nice.

'arguably racist' - you forgot 'and shit'.

I believe that the newest version of the Firefox plugin called, "Noscript" overcomes this JarJar vulnerability & stops a whole bunch of other nasties. Admittedly, it makes web browsing a bit ugly, but the web is a pretty ugly place isn't it?

reason to mention Gmail in the title then. was there.

I dunno, scared me into reading it....

my thought process was:

"Firefox broken"... oh great not again *sighs*

"broken jar vuln"... yeah, because java sucks *sighs*

"menaces Gmail" ... crap - I use firefox AND Gmail QUICK, READ, BEFORE ITS TOO LATE - AGGGGHHHHHHHHH!!!!

The media scaremongers have infiltrated The Register! Red alert!

You forgot to include Paris Hilton in the subject. I'm sure this affects her too someway. Maybe she drinks java coffee and has an outfit made of fox skin? ;-)

..isn't it called no-web?

O hang on - that was the last one - or was that slo-mo web?

I installed it once - tried to use it and was convinced someone had sneaked in and replaced the DSL line with a standard dial-up modem.

The ONLY fix currently available is the NoScript plugin according to the US Cert advisory (www.kb.cert.org/vuls/id/715737).

I know NoScript can be a pain on some sites - I've even (*shudder*) had to revert to IE to use some of them - but I value my security over the issues, particularly as my kids use IM, mySpace and other social networks so much.

btw the original report on this was made by Jesse Ruderman in February. Why has it taken so long to not produce a fix?