Security updates: malicious code attacks on Thunderbird conceivable
The Mozilla developers have closed several security holes in the email client Thunderbird.
Anyone who reads and manages their emails with Thunderbird should quickly update the application. Otherwise, attackers could target vulnerabilities and, in the worst case, smuggle malicious code onto the computer and execute it.
According to a warning message, the developers in Thunderbird 91.12 two as “moderate“ Classified gaps closed. In Thunderbird 102.1 they solved two more security problems.
One vulnerability (CVE-2022-2505) has a threat level of “high“ classified. If attackers successfully attack the vulnerability, they could trigger memory errors in a way that is not described in detail. According to the developers, attackers could use this to run malicious code on PCs with a little effort. This usually leads to the complete compromise of systems.
