Mozilla released a new version of their email client Thunderbird recently: 60.6.1. The new version includes fixes for two security vulnerabilities.
The fixed vulnerabilities are unlikely to pose a threat to Thunderbird users. According to the related security advisory:
In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.
In other words, since Thunderbird does not allow scripts embedded in email to execute, users are generally much safer than if the same email is displayed in a web browser.
Leave a Reply
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.