If you've been putting off an upgrade from Firefox 3.0, now's the time. Yesterday's update for the older browser will be the last, according to Mozilla.
The 3.0.19 patch fixes five critical security bugs, and another rated high. The critical bugs could be exploited to "run arbitrary code," which usually translates to "install malware."
Firefox 3.0 users can head to Help | About Mozilla Firefox to check the current browser version, and click Help | Check for Updates if it's not already at 3.0.19. And then head to firefox.com to upgrade to 3.6 so as to not be left stranded with an out-of-date browser. For full details see the Firefox 3 release notes.
If you're not still on 3.0, but you haven't yet made the jump to 3.6, there's a patch for you too. Version 3.5.9 fixes the same five critical holes as the 3.0 patch, along with three low priority bugs present only in 3.5 and later. Help | Check for Updates will make sure you have the latest patch, and for the more info see the Firefox 3.5 release notes.
Finally, if you've already upgraded to Firefox 3.6, make sure you've picked up last week's update to 3.6.2. Mozilla released the patch early to address a publicly known vulnerability in the Web Open Font Format that was introduced in 3.6.