Mozilla Thunderbird 2.0.0.23 Includes Critical Security Update

The Mozilla Thunderbird development team has released an important update for the Mozilla Thunderbird email client. This upgrade includes one critical security fix that was reported by security researcher Dan Kaminsky. Compromise of SSL-protected communication vulnerability allows an attacker to obtain certificates that would function for any site they would like to target. More detail information about this vulnerability is available here.

Mozilla Thunderbird should automatically download the update upon its next start up. You can also manually update using the Help > Check For Updates function in the email client or visit the Mozilla Thunderbird website to download the update. This vulnerability was not only affecting the email client but also other Mozilla products including Firefox. Though this has been fixed in Firefox 3.5, Firefox 3.0.13, Thunderbird 2.0.0.23, SeaMonkey 1.1.18, NSS 3.12.3. So make sure that you are using the updated version of all the above products.

The release notes to this update is available here. Download link for all languages and system is available here.