Chrome, Internet Explorer and Safari are all vulnerable.
SSL Certificate Authorities claim a 99.995 accuracy rate, despite headline-making Web security breaches in the last two years.
Derek Soeder of Cylance and Kostya Kortchinsky of Microsoft are credited with uncovering the vulnerability.
Internet Explorer and Windows Kernel-Mode driver vulnerabilities top the list in Microsoft's Patch Tuesday for February 2013.
Both flaws are currently being exploited in the wild.
Bamital botnet put 8 million PCs at risk from malicious search redirect – but was there any other malware risk?
Oracle issues massive update to secure Java.