Reply To: 19 Dec 15 – Unpatched Outlook email is vulnerable
But Thunderbird only lists the vulnerabilities that have been patched — and that link only covers up to version 38.4. The version I run is at 42.0. What lurks there?
In this day and age there seems to be very little bug checking before new or revised packages are released. I guess the philosophy is to simply churn out things. The Microsoft C compiler I’m familiar with had an option to turn on buffer overrun checking at run time. But, it did add a little to the size of the code. We always used it, even in those days we were fighting code size byte-by-byte. Seems today most exploits are things running off the end of a buffer and getting into places in memory where they shouldn’t. My boss wanted code that was “bullet-proof”. He was the one that had to field customer complaints when anything went wrong.