RC4 is now disabled when using TLS, except for a few specifically whitelisted Web sites. This whitelist is an interim measure until those sites are fixed (bug 1124039). This fallback is controlled by the security.tls.unrestricted_rc4_fallback preference, true by default for the moment (bug 1138882).
Web sites needing to fall back to an insecure version of TLS in order to work are now in a hardcoded whitelist which will shrink over time (bug 1114816). The whitelist can be disabled by setting security.tls.insecure_fallback_hosts.use_static_list to false.