Firefox critical SSL bug

Mozilla on Monday issued an update for Firefox that fixes four critical security bugs in the popular open-source browser, including one exposed last week that could make it easy for attackers to spoof SSL certificates used to secure websites.

...The vulnerabilities apply to the Windows, Mac and Linux platforms...

...Marlinspike said most internet client-side software that implements SSL are vulnerable to the null-string bug, so we'd expect this to be the first of many patches fixing that vulnerability....