Skip to main content

Using Thunderbird? Update if you haven’t already

posted onDecember 28, 2017
by l33tdawg

If you're using Thunderbird for your email needs, make sure you're on version 52.5.2. Mozilla recently released the new version, which has patches that squash a handful of bugs.

The bug, rated critical by the Mozilla Foundation, is CVE-2017-7845, which is a buffer overflow vulnerability affecting only Windows users. "A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content," Mozilla said in its security advisory. "This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash."

Two of the bugs are rated "high" in severity. CVE-2017-7846 is a JavaScript exploit affecting Thunderbird's RSS reader capabilities. The second, CVE-2017-7847, is a CSS bug that could potentially allow an attacker to discover user data, like a user name.



Mozilla Security

You May Also Like

Recent News

Tuesday, March 20th

Monday, March 19th

Friday, March 16th

Thursday, March 15th

Wednesday, March 14th

Tuesday, March 13th