Thunderbird update fixes dangerous vulnerabilities
Mozilla updates the popular email program with the new version 60.7.2.
David FischerLast week Mozilla released two updates for its web browser Firefox and fixed two vulnerabilities. The e-mail client Thunderbird was also affected by these vulnerabilities. Now a security update for Thunderbird is available for download.
The update to version 60.7.2 patches the critical vulnerability CVE-2019-11707, which could use JavaScript code to provoke a memory error and potentially cause a system crash. The update also fixes the critical CVE-2019-11708 vulnerability. It allowed attackers to break out of a sandbox environment and allow execution of code on the system.
Thunderbird users should install the to version 60.7.2. You can find the installed version in Settings -> Help -> About Mozilla Thunderbird, if you have not received the update via the automatic update feature.
About Author
David Fischer
I am a technology writer for UpdateStar, covering software, security, and privacy as well as research and innovation in information security. I worked as an editor for German computer magazines for more than a decade before starting to be a team member at UpdateStar.