Computerworld
Quick Menu
Search



Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Finance
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 

Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Mozilla fixes nine flaws in Thunderbird

Updates e-mail program to 2.0.0.16 to patch bugs handled in Firefox weeks ago

By Gregg Keizer
Comments
2
Recommended
38

Active Comments

john douglas spillane MPA says: PLEASE.. Give me a answer to "Flaw in Mozilla???...
Read the rest | Reply
john douglas spillane MPA says: When you transfered my email to Mozilla you made it ALL UNREAD>> Only 50-60 where unread.. Can this be rectified?...
Read the rest | Reply
All Comments (2) | Post New


Zone

Featured Zone
Identity & Security Management
Solve your compliance problems and mitigate risk. Automate, validate and enforce business governance with Novell Identity Management and Security solutions.
Learn more in the Identity & Security Management Zone
See All Zones

July 24, 2008 (Computerworld) Mozilla Messaging patched nine security vulnerabilities in Thunderbird yesterday, the first time it has plugged holes in the e-mail software since early May.

Thunderbird 2.0.0.16, which was added to Mozilla's download servers late Wednesday, quashes nine bugs, including one that was patched last week in Firefox, the company's open-source browser. The remainder fix flaws that were first addressed in early July when Mozilla updated Firefox to Version 2.0.0.15.

It's not unusual for Thunderbird security updates to lag behind those released for Firefox.

Seven of the nine bugs were rated "moderate" by Mozilla, the second-lowest of the four rankings in its threat system. The other two were pegged as "low."

The bug patched in Thunderbird yesterday that was fixed in Firefox last week was in the browser rendering engine's CSSValue array data structure. According to Mozilla, the vulnerability could be used by hackers to force a crash, and from there, run malicious code. Several other just-patched Thunderbird vulnerabilities could also be used by attackers to execute code remotely.

Thunderbird 2.x, like its browser sibling, is on the way out. Most of Mozilla's attention is now on Thunderbird 3.0, which has been available as an Alpha 1 preview for more than two months.

Users can download Thunderbird 2.0.0.16 in versions for Windows, Mac OS X and Linux from the Mozilla site, call up the e-mail client's built-in updater or wait for the automatic update notification, which typically appears within 24 to 48 hours.



Make a Comment Recommend Story Slashdot this Digg this
Print Story Send Feedback Email this Reprints

Related Content

Webcast: Achiving Compliance Through Good Governance
Whitepaper: Ninja: Total Email Security

CW Report: Learn-Fast Guide: Software as a Service is Growing Up
Mozilla gives sneak peak of Thunderbird e-mail app
Thunderbird 1.0 takes on Outlook Express, Eudora
Plaxo extends support to Mozilla e-mail client
Mozilla ships Thunderbird 1.5 e-mail client
Mozilla preps Firefox 3.0 auto update

Today's Top Stories

Microsoft to buy up to $100M in Novell SUSE Linux support vouchers
Wi-Fi in-flight comes to some American routes
Apple: iPhone update improves 3G; users disagree
Yahoo Buzz poses serious threat to Digg, some users say
Opera patches 7 bugs, but keeps one secret
IBM pumps $300M into business continuity centers

What People Are Saying

See comments | Add new
See comments | Add new

Resource Alerts

to receive Security Resource Alerts

Webcasts

Why SaaS is Vital to Email and Web Security

Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management

Achiving Compliance Through Good Governance

Whitepapers

Leading Analyst Firm: Penetration Testing is a Requirement

Should You Install Messaging Security Software on Your Exchange Server?

Ninja: Total Email Security

Computerworld Reports

Learn-Fast Guide: Software as a Service is Growing Up

SaaS Solutions for Remote Systems Management

Learn-Fast Guide: Software as a Service is Growing Up

Editor's Picks

Microsoft to buy up to $100M in Novell SUSE Linux support vouchers

Wi-Fi in-flight comes to some American routes

Apple: iPhone update improves 3G; users disagree

Yahoo Buzz poses serious threat to Digg, some users say

Opera patches 7 bugs, but keeps one secret

IBM pumps $300M into business continuity centers

Shark Bait
View Shark BaitFired up about IT? Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT – the good, the bad, and the rest of the weird stuff you deal with every day.

New baits
Shark Bait
Featured Column
In SecurityIn Security
Stripping away the trappings of applications, systems and networks, information is the core asset of most organizations. Our columnist describes how asserting the importance of information governance is crucial to making that asset tangible, addressable and protected.

Click here to read the latest column by Jon Espenschied
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDG Connect IDG World Expo Infoworld
The Industry Standard ITworld JavaWorld LinuxWorld MacUser Macworld Network World PC World Playlist
Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.