Mozilla released Firefox 3.6.16 and 3.5.18 which blacklists few invalid HTTP certificates. Firefox 4 final users are already protected from this. If you’re using Firefox 3.6.x and Firefox 3.5.18 you’re highly recommended to upgrade to the latest version.

Comodo group reported this issue to Mozilla about several SSL fraudulent certificates for public websites. Mozilla updated Firefox 4, 3.6, and 3.5 versions to recognize them and block them automatically.

Impact of this issue is

Users on a compromised network could be directed to sites using the fraudulent certificates and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site.

You’ll receive automatic update notification with in 24 to 48 hours or you can manually update Firefox by selecting “Check for Updates” from the Help menu. You can download these updates including latest Firefox 4 final version from