Mozilla patches critical vulnerabilities in Thunderbird


A vulnerability was found in Mozilla’s Thunderbird. A patch is already available and should be installed soon.

Mozilla warns of a vulnerability in its open source e-mail client Thunderbird. In a security advisory, the impact of CVE-2020-16044 is classified as “critical”.  The  problem has already been resolved in version 78.6.1.

With a certain amount of effort, the vulnerability can exploit a use-after-free memory error and inject malicious code. Mozilla writes more about this on its website. ©

 The re it is pointed out, however, that such vulnerabilities are not exploited via e-mails in Thunderbird, since scripting is deactivated by default when reading e-mails. However, they pose a certain risk in the browser or in browser-like contexts.

It is advisable to update Thunderbird as soon as possible. Usually this is done automatically. Alternatively, the update can also be triggered manually via the setting.


[ source link ]

Mozilla patches critical vulnerabilities Thunderbird


Please enter your comment!
Please enter your name here