"Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned.

The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system.

A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript." (via PC World)

-Hmm. That seems like a practical solution, I'm sure the most at risk users are digging around their preferences right now :-)