Still waiting for a new version of the email client

Mar 27, 2008 13:16 GMT

Mozilla Thunderbird, the popular email client designed by the same company that created Firefox, is again vulnerable to attacks after a highly critical security flaw was discovered in the version prior to 2.0.0.13. In fact, version 2.0.0.13 has not been released yet, but it is widely expected, as it is supposed to fix all of these flaws.

Security company Secunia rated the flaw as highly critical, adding that "some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system." However, Secunia informs us that "the vulnerabilities will be fixed in the upcoming 2.0.0.13 version," so let's wait a few more days for the new Thunderbird release.

Mozilla has already confirmed the series of vulnerabilities and provided a workaround for Thunderbird users to apply until the new version of the email client is released: disable JavaScript. According to the Mozilla security notification, the flaws were reported by three contributors, namely moz_bug_r_a4, Boris Zbarsky and Johnny Stenback, and an update is expected in the next few days.

"Additional vulnerabilities reported separately by Boris Zbarsky, Johnny Stenback, and moz_bug_r_a4 showed that the browser could be forced to run JavaScript code using the wrong principal leading to universal XSS and arbitrary code execution," Mozilla mentioned in the advisory.

Mozilla Thunderbird is a well-known email client that has attracted millions of downloads in every country in the world. For instance, the application has attracted more than 80,000 hits on Softpedia. If you want to download the latest version of this software solution, you can take it straight from our website using the following link.

More info about the security vulnerability spotted in Thunderbird can be found in the Mozilla security notification.