Security holes in Mozilla Thunderbird 2 patched

Mozilla on Thursday shipped a minor update of its e-mail client, Thunderbird 2, version 2.0.0.4, that among other things fixes a couple of security holes.

Both are ranked as "moderate," instead of "critical" or "high." Additionally, there have been no exploits "in the wild," or even proof-of-concept code that I'm aware of at this time.

Mozilla says its moderate rating is reserved for "vulnerabilities that would otherwise be high or critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps."

That said, one of them was rated critical when it was fixed in Firefox two weeks ago. So while it's unlikely to bite you, it's still probably a good idea to get Thunderbird 2.0.0.4, which is available along with more info about what's in the update at Mozilla's site.

Join the newsletter!

Error: Please check your email address.

More about Mozilla

Show Comments

Market Place