Hmm guys... I see a major problem here, the "other" doctornotor is saying that FF4 RC2 was justified to block fraulent certificates. Fair enough... but FF has its own certificate store while Chrome is using Windows/IE store... and as far as I'm concerned unless MS sends an update through Windows Update IE8/9 and Chrome are vulnerable. Got to say that the ZDnet article is ...hmm... worrying
Already out as critical update on WU and WSUS. Also manual d/l via
http://support.microsoft.com/kb/2524375 (from XP up to Server 2008 R2)
P.S. IE and Chrome is doing it the right way (TM) - bundling its own certificates crap is plain wrong, and nightmare to manage in business environment.