Do you use Mozilla's popular email client Thunderbird? If yes, then you may want to apply these important updates soon. The company just issued five security patches including fixes for one critical and two high-level bugs.
If you're not familiar with Mozilla Thunderbird, it's a free feature-packed email program from the same company that brings us the Firefox web browser. It's a popular alternative email client for Windows, Macs and Linux machines. Click here to read more about Mozilla Thunderbird.
Read on and I'll tell you why you need to apply these updates immediately.
The most severe of the bugs is a critical buffer overflow bug that affects Windows machines (CVE-2017-7845).
According to the Mozilla Foundation Security, this bug "occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content." This could lead to an exploitable system crash.
The two high impact flaws are CVE-2017-7846 and CVE-2017-7847.
The other bug, CVE-2017-7847 is a CSS bug that can potentially reveal user data, such as usernames, to an attacker.
The remaining flaws are the moderate bug that allows an attacker to modify an email message's body (CVE-2017-7848) and a low impact one that allows an attacker to spoof a sender's email address (CVE-2017-7829).
How to update Thunderbird
Thunderbird automatically updates itself but if you want to fetch the updates manually, here's how:
- On the top menu bar, click Thunderbird >> About Thunderbird.
- When the "About Thunderbird" window appears, Thunderbird will automatically check for updates and downloads them if available.
- When the updates are ready, just click "Restart Thunderbird to Update" to complete the process.
The newest version is Thunderbird 52.5.2.
To read Mozilla Foundation's Security Advisory about this latest round of updates, click here.
Facebook launches new security feature you need to use now
We all use Facebook to connect with our friends and family. Unfortunately, cybercriminals use Facebook to scam us. Wouldn't it be ideal if we could detect these scammers before it's too late? Facebook found a way to help. Click here for a Facebook feature that you will need to turn on to avoid getting fooled.