I just saw this now
Firefox 3.6
Solution: Do not visit untrusted websites or follow untrusted links. That advice should be followed no matter which browser you use..... :)
Yes 8)
read this yesterday:
http://www.theregister.co.uk/2010/02/18/firefox_zero_day_report/
…and saw it confirmed through Secunia PSI
It is a nice thing to have multiple browsers installed 8)
Firefox and NoScript plus RequestPolicy add-ons I would suggest will negate this issue, by blocking the code execution by default.
Request Policy is not compatible with my Minefield.
I am already using NoScript 8)
yeah, and request policy is nice but it implies that you got to allow everything twice (not for the same purposes I know) on new visited sites; therefore I stick to ns only.
That is what you get when playing on the bleeding edge (many unsupported add-ons), it is compatible with current release versions.
True 8)
But,
There is a way to make addons compatible but I don’t know how
MR Tech Toolkit
https://addons.mozilla.org/en-US/firefox/addon/421
I’m using Win XP Pro SP3, and on all my systems use a LUA (Limited User Account) and run all browsers in a sandbox.
If not using avast! Pro 5, then depending on your OS might be able to use Sandboxie http://www.sandboxie.com/
I used Sandboxie prior to upgrading to avast! Pro 5.
Edit:
While doing the post, a friend stopped by so had to close post and leave before I could finish posting the following instructions I had saved to force extensions to work with a newer version of Fx.
PLEASE NOTE this may not always work, especially with major updates/changes to Fx options, GUI, etc. As always make a backup of your Profile.
Step 1.
Download and install an archiving program like 7zip (7zip.org)
Step 2.
Select the extension that you want to update. Right click the extension and extract the contents to your desktop.
Step 3.
Select the install.rdf file and edit it in a text editor like notepad (windows) or emacs (unix/linux).
Step 4.
Search for the max version tag and change the version from the current one (e.g., 3.5 to 3.6)
Step 5.
Save the install.rdf file that you just changed.
Step 6.
Go back to your extension that you opened earlier and open it in your archiving program. You will then see the contents of the .xpi file, including the original install.rdf file. Now you will select and copy the install.rdf file that you just recently edited, and paste it (or drag and drop it) into the open contents of the .xpi file (that is opened in your archiving program.)
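The manual steps above, scripted, as an added example that is not part of the original post. The function names and the sample extension are hypothetical and constructed for illustration; the GUID is Firefox's application id. It goes slightly beyond the steps by touching only the Firefox `targetApplication` entry and by refusing a signed .xpi, since editing install.rdf would invalidate the signature.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

EM = "{http://www.mozilla.org/2004/em-rdf#}"
FIREFOX_ID = "{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"  # Firefox's application GUID
# Constructed sample manifest for a hypothetical extension (not from the thread).
SAMPLE_RDF = """<?xml version="1.0"?>
<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#">
  <Description about="urn:mozilla:install-manifest">
    <em:id>sample@example.invalid</em:id>
    <em:targetApplication><Description>
      <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
      <em:maxVersion>3.5.*</em:maxVersion>
    </Description></em:targetApplication>
  </Description>
</RDF>"""


def make_sample_xpi(extra=()):  # builds the constructed sample .xpi in memory
    members = {"install.rdf": SAMPLE_RDF, "chrome.manifest": "content sample chrome/content/\n"}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name in [*members, *extra]:
            z.writestr(name, members.get(name, ""))
    return buf.getvalue()


def bump_max_version(xpi_bytes, new_max, app_id=FIREFOX_ID):
    """Return (patched_xpi_bytes, old_maxVersion) for one target application."""
    src = zipfile.ZipFile(io.BytesIO(xpi_bytes))
    # A signed XPI carries META-INF/ entries; editing install.rdf would break the signature.
    if any(n.startswith("META-INF/") for n in src.namelist()):
        raise ValueError("signed XPI: refusing to modify install.rdf")
    ET.register_namespace("em", EM[1:-1])  # keep the em: prefix when re-serialising
    root = ET.fromstring(src.read("install.rdf"))
    old = None
    for desc in root.iter():
        node = desc.find(EM + "maxVersion")
        if node is not None and (desc.findtext(EM + "id") or "").strip() == app_id:
            old, node.text = node.text, new_max
    if old is None:
        raise ValueError("install.rdf has no maxVersion for this application")
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():  # all other members are copied unchanged
            data = ET.tostring(root, encoding="utf-8") if name == "install.rdf" else src.read(name)
            dst.writestr(name, data)
    return out.getvalue(), old
```

The original bytes are never modified, so the input file doubles as the backup the post recommends.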
Thanks for this idea!
@ Jon_T
There is an easier way
Run Firefox
Type about:config in the address bar
Search extensions.checkCompatibility.3.7a;
Toggle it false
Now you can install whatever addons as you like 8)
But you need to download the addon and save it to the hard disk and run the .xpi on Firefox
Chris Thomas,
Thanks for the reply, I’ll keep it in mind.
For myself the MR Tech Toolkit’s “Override ‘maxVersion’ compatibility checking” has allowed me to easily continue using my extensions with new Fx updates. Use quite a few of the other MR Tech Toolkit’s Fx tweaks.
I’ve always downloaded Fx updates, extensions and themes, then install. Comes in handy if you need/want to do a “fresh” install you’ll have everything easily available.
I found this on Secunia forum.
I found it interesting and no doubt, I am sure more posts will be posted.
This from Mozilla Security Blog
http://blog.mozilla.com/security/
On Secunia forum:
This report seems to be a hoax. At the Forum-Post, some users already write that the exploit does not work. Secunia seems not to have tested it, but just used the information written by some unserious "Russian security researcher" (aka. blackhat hacker) who wants to sell his product.
Referring to this post on the “security researcher”'s forum.
Hello, I've bought VulnDisco 9.0 and tested the FireFox 0-day-exploit. It did NOT (!!!) work with FireFox 3.6 and 3.5.8 at WindowsXP SP3 and at WindowsVista SP2. [Honestly I think that exploit is just a hoax, a good advertisement trick - Secunia (http://secunia.com/advisories/38608/) believed it without testing it by themselves] Still, it contains some other interesting exploits for other programs, but I have not tested them so far.
kind regards,
Mario
No confirmation from real security researchers yet.