The Mozilla Foundation has announced the fact that it updated Thunderbird, its free, open-source, cross-platform email client. To be more precise, Mozilla rolled out Thunderbird 3.1.7 and Thunderbird 3.0.11 for Windows, Mac OS X and Linux. You can get these updates right now from GetThunderbird.com, or you can wait for the automated update prompt, or you can manually trigger an update by clicking Help -> Check for updates.

Thunderbird 3.1 users are well advised to get the latest update for three reasons: v. 3.1.7comes with fixes to improve corruption in local copy of IMAP mailboxes, fixes to improve handling of large folder files stored locally, and fixes for various stability and security issues.

Putting the spotlight on the security side of Thunderbird 3.1.7, the application is accompanied by a security advisory entitled MFSA 2010-74 Miscellaneous memory safety hazards, a second advisory entitled MFSA 2010-75 Buffer overflow while line breaking after document.write with long string, and a third advisory entitled MFSA 2010-78 Add support for OTS font sanitizer.

All three advisories carry the critical rating. Mozilla uses a 4-tier rating system: low, moderate, high, and critical. The critical rating is used only when a “vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.”

Thunderbird 3.0.11 fixes the same three security issues as Thunderbird 3.1.7 does, which means Thunderbird 3.0 users have just one reason to update their application – security. To stay safe and protected, they have to get v. 3.0.11.

As a little but important side note, it must be said that this is the last updated Thunderbird 3.0 users will get. Mozilla will drop support for Firefox 3.0 and switch all focus on Firefox 3.1. This means there will be no Firefox 3.0.12 or Firefox 3.0.13. Early next year all Thunderbird 3.0 users will receive prompts encouraging them to upgrade to Thunderbird 3.1.