We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Mozilla patches nine Thunderbird flaws

Seven bugs were rated 'moderate'

Mozilla has released patches to fix nine security vulnerabilities in Thunderbird.

Thunderbird 2.0.0.16, the first fix for the email software since early May, quashes nine bugs, including one that was patched last week in Firefox. The remainder fix flaws that were first addressed in early July when Mozilla updated Firefox to version 2.0.0.15.

It's not unusual for Thunderbird security updates to lag behind those released for Firefox. Seven of the nine bugs were rated 'moderate' by Mozilla, the second-lowest of the four rankings in its threat system. The other two were pegged as 'low'.

The bug patched in Thunderbird was in the browser rendering engine's CSSValue array data structure. According to Mozilla, the vulnerability could be used by hackers to force a crash, and from there, run malicious code. Several other just-patched Thunderbird vulnerabilities could also be used by attackers to execute code remotely.

Thunderbird 2.0, like its browser sibling, is on the way out. Most of Mozilla's attention is now on Thunderbird 3.0, which has been available as an Alpha 1 preview for more than two months.

Users can download Thunderbird 2.0.0.16 in versions for Windows, Mac OS X and Linux from the Mozilla site, call up the email client's built-in updater or wait for the automatic update notification, which typically appears within 24 to 48 hours.


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

See how Trunk's animated ad helped Ade Edmondson plug The Car Buying Service

IDG UK Sites

Yosemite tips: Complete Guide to OS X Yosemite