Mozilla has released a minor update of its email client, Thunderbird 2, version, which among other things fixes a couple of security holes.

Both are ranked as ‘moderate’, instead of ‘critical’ or ‘high’. Additionally, there have been no exploits ‘in the wild’, or even proof-of-concept code.

Mozilla says its moderate rating is reserved for "vulnerabilities that would otherwise be high or critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps”.

That said, one of them was rated critical when it was fixed in Firefox two weeks ago. So while it's unlikely to bite you, it's still probably a good idea to get Thunderbird, which is available along with more info about what's in the update at Mozilla's site.