Available as version 60.7.1, the latest Thunderbird iteration addresses only four vulnerabilities. Of these, three were rated High severity and one Low risk.
An attacker capable of exploiting the most severe of these vulnerabilities could execute arbitrary code on the vulnerable machine, the Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the Center for Internet Security, reveals in an advisory shared with SecurityWeek.
“Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the advisory reads.
Leave a reply