One consequence of the Heartbleed flaw is that there is a small risk that a fake website could be set up to successfully masquerade as a legitimate website, even if the legitimate website has correctly revoked its potentially compromised security certificate. The only way to guard against this risk is to turn on a rarely used feature of your browser, which checks whether a certificate has been revoked before accepting it.
This feature has been turned on automatically for users of Internet Explorer and Chrome on domain PCs. Firefox users, and those using non-domain computers, will have to make the change themselves. Details of how to do so can be found below.