Summary:  On February 26 2008 the Mozilla foundation released an updated version of its popular Thunderbird email application.  Version 2.0.0.12 of Thunderbird addresses five security vulnerabilities, including one listed as "critical" by the vendor.

**SPECIAL NOTE TO THUNDERBIRD v1.n USERS:  According to one security resource (seeSANS advisory link below) version 2.0.0.12 includes security fixes that are not available to variants of Thunderbird version 1; users of Thunderbird version 1.n are therefore encouraged to upgrade to version 2.0.0.12 in order to attain the highest possible level of security for this application. 

Recommended Actions: system administrators, support personnel and Thunderbird users are encouraged to read the security advisory and install the updated version as soon as possible (safe links provided below).

Readers are encouraged to share this alert with family, friends, and associates who may use Thunderbird on their home computers.

ITS Actions:  N/A

Resources:

Thunderbird Security Content page:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird2.0.0.12

Thunderbird 2.0.0.12 Release Notes:
http://www.mozilla.com/en-US/thunderbird/2.0.0.12/releasenotes/

Thunderbird Download page:
http://www.mozilla.com/en-US/thunderbird/

SANS Advisory:
http://isc.sans.org/diary.html?storyid=4033