Mozilla based Browser Security, fraudulent certifactes in the wild

September 04, 2011 by dave.r.yeo@gmail.com

We won't be able to release the security updates to Firefox, SeaMonkey and Thunderbird until after the weekend.

The problem is described here, blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/ basically a fake/stolen digital certificate is out in the wild.

For now people should delete the DigiNotar CA certificate. Instructions for Firefox are here, support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert. The same basic procedure works for SeaMonkey and Thunderbird.

If you need help with this, post to the newsgroup 'mozilla.dev.ports.os2' on server news.mozilla.org.

This should be done on all versions of Mozilla applications, especially older versions that won't be getting updated.

blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/

Dave

Links:

• support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert