New Thunderbird version 68.5 with security fixes available
The new version of the email client includes seven fixes for security vulnerabilities. One is classified as high risk.
Minh OngThe new version 68.5 of the email client includes seven fixes for security vulnerabilities. One is classified as high risk. Users can easily check their installed version of Thunderbird (Menu -> Help -> About Thunderbird).
Memory security vulnerability with high risk rating
According to the Thunderbird team, one of the vulnerabilities (CVE-2020-6800) poses a high risk. Under certain conditions, attackers could use it to execute program code by sending prepared emails. The CVE-2020-6800 is a memory security error that has also been fixed in the current Firefox version 73.
In the advisory to Thunderbird 68.5 (Advisory 2020-07), the developers note that misuse in the email client is usually not possible since scripting is deactivated by default when reading an email. However, the vulnerability poses a potential security risk.
Low and medium risk vulnerabilities
Five vulnerabilities were classified as "Medium" and one as "Low". The dangers they pose include cross-site scripting, non-exploitable Thunderbird crashes, and the disclosure of sensitive information.
General information on the new version of the email client can be found in the release notes for Thunderbird 68.5.
About Author
Minh Ong
I can say that the Internet serves as an integral part of my life for over twenty years. It has provided me with the opportunity to embark on self-guided exploration across a myriad of subjects and continually enhance my personal growth. In 2017 I became an editor at UpdateStar. I am specialized in software reviews, tutorials and news with an emphasis on privacy and security. As a person I love to travel, enjoy music, indulge in adorable kitty videos and waste time on my favorite streaming platforms.