Mozilla Releases Security Update for Thunderbird – fix for CVE-2022-39249

Alert Severity: High

Issue Date: 2022-09-28

CVE(s): CVE-2022-39249

Impacted Products and Versions: Mozilla Thunderbird version < 102.3.1

Description:

Mozilla has released a security update to address a vulnerability in Thunderbird.

Thunderbird users using Matrix chat protocol were vulnerable to an impersonation attack. An attacker posing as server administrator was able to send fake encrypted message posing as another user on that server.

Mitigation:

Mozilla thunderbird has released latest update 102.3.1, that should be updated on all systems using Mozilla thunderbird.