Apparently Comodo issued security certificates for these popular websites…
login.live.com,, mail.google.com, http://www.google.com, login.yahoo.com (3 certificates), login.skype.com, addons.mozilla.org. This would allow attackers to create fake websites using these certificates and pose as authentic site and at least steal your logon information.
So when your Microsoft Update asks you to install an update out of make sure you do(That little yellow shield near the clock). If you do not want to wait for the update to come to you then go get it here…
http://support.microsoft.com/kb/2524375
In addition, make sure you update your Firefox Browser as well. Mozilla Firefox released 3.6.16 today also to include a fix that “blacklists a few invalid HTTPS certificates”. The Firefox 3.6 update is available here: http://www.mozilla.com/en-US/firefox/all-older.html
Or just simply update to the latest version: http://www.mozilla.com/en-US/firefox/new/
References:
http://www.wired.com/threatlevel/2011/03/comodo-compromise/
http://support.microsoft.com/kb/2524375
