On Tuesday, for its Firefox 3.5 and Firefox 3.6 browsers to do the same; it had already revamped Firefox 4 before the new browser's Tuesday's launch.

Microsoft followed today with an update to all Windows users that adds the nine certificates to the operating system's blacklist, which Internet Explorer (IE) accesses. The update has been pushed to Microsoft's Windows Update service for users running Windows XP, Server 2003, Vista, Server 2008, and Server 2008 R2.

Comodo said the attackers obtained the certificates on March 15 using a username and password assigned to a company partner in southern Europe. It has not identified the partner, but admitted it didn't know all the details.

"We are not yet clear about the nature or the details of the breach suffered by that partner other than knowing that other online accounts -- [although] not with Comodo -- held by that partner were also compromised at about the same time," Comodo said.

Storms called Comodo's failure a major security event. "It's a big deal when a trusted authority issues something it clearly shouldn't have," Storms said. "People start second-guessing whether a site is really what it says it is."