Mozilla Thunderbird 52.9.0 released - gHacks Tech News

Mozilla Thunderbird 52.9.0 released

The Thunderbird team has released a new version of the open source cross-platform email client. Thunderbird 52.9.0 is a security update first and foremost which makes it a recommended update for all users of the email client.

thunderbird 52.9.0

The new version of Thunderbird fixes the so-called EFAIL security issue completely. EFAIL was discovered earlier this year by security researchers. It allows attackers to gain access to OpenPGP or S/Mime encrypted messages by managing to get hold of encrypted messages, for instance by network snooping, modifying the emails, and sending them to the target.

The Thunderbird development team fixed the issue partially in Thunderbird 52.8.0 which it released in May 2018.

The release of Thunderbird 52.9.0 fixes the issue completely by removing "some HTML crafted to carry out" an EFAIL attack, and optionally "not decrypting subordinate message parts that otherwise might reveal decrypted content to the attacker".

The optional feature is not enabled by default. You can enable it in the following way in the Thunderbird client:

  1. Select Tools > Options from the menu bar. If you don't see the menu bar, tap on the Alt-key to display it.
  2. Go to Advanced > General.
  3. Click on Config Editor.
  4. Search for mailnews.p7m_subparts_external.
  5. Double-click on the preference.
  6. Close the window.

A value of true means that the feature is enabled, a value of false (default) that it is disabled.

Thunderbird 52.9.0 fixes 13 security vulnerabilities; four vulnerabilities have received the highest impact rating of critical.

The new version of Thunderbird includes two non-security changes next to that. It fixes issues "when forwarding messages inline when using "simple" HTML View. Thunderbird supports three view types: original HTML, simple HTML, and plain text.

The difference between Original and Simple HTML is that Thunderbird blocks some elements, e.g. remote content automatically whereas you get an option to enable it with Original HTML view.

The final change of Thunderbird 52.9.0 is a change in how IMAP folders are handled by the client. Starting with this version, Thunderbird will prompt users to compact IMAP folders even if the account is online.

Existing Thunderbird users can run a manual check for updates to use Thunderbird's built-in updating functionality. Just select Help > About Thunderbird to do so.

The new email client version is also available as a direct download on the official Thunderbird project website.

Summary
Mozilla Thunderbird 52.9.0 released
Article Name
Mozilla Thunderbird 52.9.0 released
Description
The Thunderbird team has released a new version of the open source cross-platform email client: Thunderbird 52.9.0
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. AC said on July 5, 2018 at 1:45 pm
    Reply

    Thunderbird is best bird.

    1. John Fenderson said on July 5, 2018 at 5:44 pm
      Reply

      Hear, hear! But I fear what’s going to happen to it in the near future. I’m seeing ominous signs.

  2. linuxfan said on July 5, 2018 at 2:49 pm
    Reply

    Martin, I’m sorry to say that your article is inaccurate and misleading.

    1. In Thunderbird javascript is *not* available in mails regardless of the view type. This has been true since TB 3. You wrote an article about that change yourself in 2010: https://www.ghacks.net/2010/06/30/thunderbird-3-javascript-whats-the-deal/

    2. Remote content is blocked by default in mails regardless of the view type. The difference between the view types is described on http://kb.mozillazine.org/Mail_content_types#Reading_messages

    1. Martin Brinkmann said on July 5, 2018 at 3:33 pm
      Reply

      Thanks I have corrected this.

  3. Mo said on July 5, 2018 at 2:57 pm
    Reply

    I am glad Thunderbird is still worked on.

  4. sunnytimes said on July 5, 2018 at 3:36 pm
    Reply

    love the bird

  5. Charles said on July 6, 2018 at 4:55 am
    Reply

    Can someone pointed me to some discussion about the estimated date for the release of the version 60?

    1. Thunderbird Team said on July 6, 2018 at 6:44 am
      Reply

      Upcoming releases:
      * TB 60 ESR (early July 2018)
      https://wiki.mozilla.org/Thunderbird/StatusMeetings/2018-06-26#Lightning

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.