Breaking News

Thunderbird Version 52.9 addresses several issues, including the EFAIL flaw

The Thunderbird team released a new version of the popular email client that addresses many security issued, including the EFAIL vulnerability.

Thunderbird has released a new version to address a dozen security vulnerabilities, including the EFAIL encryption issue that was discovered in May.

The new version addresses two EFAIL-related issues in the way Thunderbird handles encrypted messages.

“The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs.” reads the blog post published by the researchers that discovered the EFAIL flaw.

“To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.”

The new Thunderbird 52.9 addresses the  CVE-2018-12372 flaw that can be exploited by attackers to build S/MIME and PGP decryption stubs in HTML messages.

“Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a HTML reply/forward.” reads the security advisory published by the Mozilla Foundation.

The new version also fixes the CVE-2018-12373 flaw that could result in the leakage of  S/MIME plaintext when a message is forwarded.

Thunderbird 52.9 also addresses some critical flaws such as the CVE-2018-12359 that is a buffer overflow vulnerability that could be exploited to crash a vulnerable system

“A buffer overflow can occur when rendering canvas content while adjusting the height and width of the <canvas> element dynamically, causing data to be written outside of the currently computed boundaries.”

The new release also fixes a use-after-free flaw tracked as CVE-2018-12360 that could be exploited to crash a target system.

“A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash.” continues the advisory.

Another security issue is related to the executable SettingContent-ms files, the security researcher Matt Nelson discovered that Windows 10 users weren’t getting warned when they were opening such kind of files. This issue was tracked as CVE-2018-12368 and could be used by attackers to execute arbitrary code by tricking users into opening the files.

“Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the “Mark of the Web.” continues the advisory.

“Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems”.

Thunderbird also addressed some  memory sasome memoryat derived from the Firefox code base.

The good news is that the bugs coild not ne directly exploitable in the e-mail client because scripting is disabled while users are reading messages.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Thunderbird,  EFAIL)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

3 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

15 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

19 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

This website uses cookies.