Mozilla has released an update for Firefox that repairs a known security flaw in the browser.

The bug, reported last week, relates to the way Firefox handles JavaScript code. It could be exploited by attackers to crash an unpatched browser, and, in theory, could also provide them with a way to trick the browser into running malicious code, Mozilla said.

The problem has to do with an error caused when Firefox handles certain unexpected "contentWindow.focus()" JavaScript code. It can be circumvented by disabling Firefox's JavaScript handling capability.

Users of older Firefox 1.0 browsers and the Mozilla Suite 1.7 are not affected by the flaw, and Firefox 1.5 users should soon start to receive software patches under the browser's automatic update system.

Mozilla developers said last week that they had reduced the number of features in the update in order to speed up the release of this security fix.