Mozilla released Firefox 3.52. today that patches two vulnerabilities related to how the browser uses SSL certificates.  Updating to this version via the auto update should protect against man-in-the-middle attacks that were discovered by Dan Kaminsky (Mr. DNS) and Moxie Marlinspike at last week’s Black Hat conference.

We recommend upgrading to Firefox 3.5.2 across the board to eliminate this vulnerability.

Tags: Black Hat, firefox, mozilla, Vulnerabilities

Author: Christopher