Skip to main content

Using Thunderbird? Update if you haven’t already

posted onDecember 28, 2017
by l33tdawg

If you're using Thunderbird for your email needs, make sure you're on version 52.5.2. Mozilla recently released the new version, which has patches that squash a handful of bugs.

The bug, rated critical by the Mozilla Foundation, is CVE-2017-7845, which is a buffer overflow vulnerability affecting only Windows users. "A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content," Mozilla said in its security advisory. "This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash."

Two of the bugs are rated "high" in severity. CVE-2017-7846 is a JavaScript exploit affecting Thunderbird's RSS reader capabilities. The second, CVE-2017-7847, is a CSS bug that could potentially allow an attacker to discover user data, like a user name.



Mozilla Security

You May Also Like

Recent News

Monday, January 15th

Friday, January 12th

Thursday, January 11th

Wednesday, January 10th