Mozilla have issued an official warning about a script vulnerability that could lead to hackers taking over their machine. The bug is only triggered when certain types of extensions are installed i.e. those that are “flat” which means that they don’t package their files in a JAR archive. Examples include Download Status Bar and Greasemonkey.
However, Mozilla have only labelled the security priority risk as normal but they do recommend installing the No Script extension in the meantime. No Script basically prevents unauthorised scripts running in Firefox without your consent. A script is basically a command that executes in your browser and can potentially take over your PC. Normally they are harmless but they can be triggered by Trojans or third parties through “holes” in your browser to gain control of your machine or insert a virus.
For more details on using NoScript with Firefox, check this tutorial: