Security News > 2021 > November > Mozilla Thunderbird 91.3 released to fix high impact flaws

Mozilla Thunderbird 91.3 released to fix high impact flaws
2021-11-05 13:47

Mozilla released Thunderbird 91.3 to fix several high-impact vulnerabilities that can cause a denial of service, spoof the origin, bypass security policies, and allow arbitrary code execution.

Mozilla Thunderbird 91.3 fixes ten flaws discovered by various researchers that cover a broad spectrum of the email client's functionality.

Thunderbird and Mozilla did not use those formats, potentially allowing sensitive data to be synchronized.

"Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios," explained Mozilla.

Ubuntu has also released a security notice for Thunderbird for the flaws that concern the Linux distribution, and an updated package has been made available on the stable repository.

The latest stats from Mozilla show that only 65% of Thunderbird users have upgraded to 91.x, with the rest still using older, unsupported, and now vulnerable versions.


News URL

https://www.bleepingcomputer.com/news/security/mozilla-thunderbird-913-released-to-fix-high-impact-flaws/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mozilla 29 13 629 582 266 1490