See here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://www.kb.cert.org/vuls/id/120541 It's a serious security vulnerability, affecting practically all "secure" websites, all browsers and mail clients, etc. Firefox is going to fix it soon; meanwhile it rises humans' awareness of the issue so that you would upgrade to the next release as soon as possible instead of staying vulnerable with older version. If you want you can get Minefield version of Firefox: maybe, it already has this fixed. But Minefield will be less stable than Firefox, so you should better wait until stable release fixing this.