Symbian, Maemo and MeeGo/Harmattan currently have an extremely easy way of removing top level CA certificates. You delete them manually through the certificate interface or you drop into a root shell and issue 'rm /etc/certs/common-ca/8868bfe08e35c43b386b62f7283b8481c80cd74d.pem' on the N900 or N950. Manually removing the certs without updating the Trusted Root Store may cause problems; as root issue "cmcli -c common-ca -r 8868bfe08e35c43b386b62f7283b8481c80cd74d" to do it the "proper" way.
On Windows Phone 7? If it's baked in, you have no choice. If it's added afterwards? You have to completely factory reset the device.
While regular iOS, Android and Windows Phone 7 users have to wait for updates to be pushed by Apple, Google and Microsoft (unless jailbroken or rooted), those loyal Nokia users can rest assured that their devices are a smidgen more resilient to MiTM attacks (using the compromised certs).