Firefox 3.5.2 released to fix critical security problem

Firefox hit by critical zero-day vulnerability

Mozilla, the makers of the Firefox web browser, has issued an important update that fixes a number of security issues – including the problem of how hackers could spoof SSL certificates by inserting null characters into certificates, exposed at the BlackHat conference last week.

In a blog post, Mozilla said that they “strongly recommend that all Firefox users upgrade to this latest release”.

Fortunately Firefox includes automatic updating technology, so users should receive a notification of the update’s availability within 24 or 48 hours. If you wish to install the update manually, you can just choose “Check for Updates” from Firefox’s Help menu.

Of course, in a corporate environment you may choose to roll out the update at your own timescale. But make sure you do continue to keep up-to-date, whichever browser you are choosing to run on your company’s computers.

Which brings me to a timely reminder. If you’re still using the legacy 3.0 version of Firefox, it really is time to upgrade to version 3.5.