April 16, 2020 –
The latest Thunderbird edition does not come up with any major innovations. A number of critical weaknesses have disappeared.
In the latest version of the Thunderbird mail client, the Mozilla subsidiary MZLA has fixed five vulnerabilities. Two of them are considered critical: CVE-2020-6819 and CVE-2020-6820 are so-called use-after-free bugs, i.e. errors that allow the description of released memory areas. This can lead to program crashes and unexpected data values - or any code can be executed. The Security advisory there is little additional information about Thunderbird 68.7.90. Two more leaks called CVE-2020-6821 and CVE-2020-6825 are rated high, another (CVE-2020-6822) is medium.
The new Thunderbird edition also brings new features and improvements, which mostly concern extensions: Add-ons are now updated automatically. Mail extensions can now access the raw data of a message. And the function message.update can now mark mail as junk or no junk. For users, setting up an Exchange account in Thunderbird 68.7 should be less complicated.
As usual, Thunderbird 68.7 for Windows is available in our freeware library Download ready.
(ubi)
– .
