Thunderbird is a popular email client by Mozilla. Recently, the company released a new version that fixes a critical buffer overflow vulnerability affecting Windows users. In total, the release includes five fixes. So, update your email client now to keep yourself safe.
The most critical buffer overflow bug (CVE-2017-7845) affects Thunderbird running on the Windows. The same critical vulnerability was also reported and patched earlier this month on Firefox browser.
HTC U11 - Flat Rs. 9,991 offHTC U11 - Rs. 43,999 (Rs. 9,991 off + up to Rs. 18,000 off on exchange)
“A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash,” Mozilla wrote.
Other two bugs rated moderate (CVE-2017-7848) and low (CVE-2017-7829) were an RSS bug and a bug impacting email. By exploiting the second bug, it was possible to spoof the sender’s email address and display any random sender address to the email recipient.
If you use Thunderbird, you need to update it to the latest version. As the bug is now known to all, hackers might try to exploit these.