The mail client Thunderbird is vulnerable. In the now available edition 60.7 the developers have closed several security holes. Overall, Mozilla has rated the attack risk as “high”. Since scripting is disabled by default, the gaps should not be exploited by just opening and reading emails. Rather, the context similar to a browser is possible. What that means in detail, Mozilla does not elaborate.
In most cases, attackers could provoke memory corruption, causing the application to crash. Under certain circumstances, the execution of malicious code is conceivable, Mozilla warns in a message. If you use the e-mail client, you should install the latest issue in a timely manner. To start the update process under macOS and Windows, open the menu item “Help”, “About Mozilla Thunderbird” and follow the instructions.