Mozilla has confirmed that they are working on a fix. In the meantime there are a couple quick fixes you can implement.
- Type “about:config” in the address bar and press Enter. Ignore the warning.
- Change its value from True to False. You can change the value by double clicking on the line or using Toggle option from the right click context menu.
This will force Firefox to use the older rendering engine which is slower, but immune to this exploit. Once a patch is released simply change the value back to true.
The critical nature of this vulnerability coupled with the full disclosure of the exploit is extremely worrying. Until a fix is released by Mozilla we would highly recommend that all Firefox users apply these quick fixes and stay on the safer side.