Tails 7.8 Closes a Long-Standing Security Gap
Tails 7.8 is now available, and the most important change is not a new privacy feature. It is a security correction to a problem that could leave users running outdated software inside an operating system designed for anonymity.
Users who rely on Tails for sensitive browsing, research, journalism, activism, or operational security should pay particular attention to how the release changes software updates and addresses privilege-escalation vulnerabilities.
What Changed#
The headline change is the handling of Thunderbird.
The Tails team has removed Thunderbird from the default installation. Users who want it can still install it as additional software. When Thunderbird is installed this way and Persistent Storage is enabled, the latest version is automatically installed from Persistent Storage during startup.
This change addresses a practical maintenance problem.
According to the project, previous Tails releases often shipped with an outdated Thunderbird version because Thunderbird updates in Debian frequently arrived shortly after a Tails release. The result was a recurring lag between available security fixes and the version included in Tails.
For a platform whose users often operate in higher-risk environments, that lag matters. An anonymity-focused system is only as strong as the software running inside it.
Tails 7.8 also fixes multiple security vulnerabilities affecting the Linux kernel and haveged. The project warns that such flaws could potentially allow an application running inside Tails to gain administrative privileges.
The concern is not that these vulnerabilities automatically deanonymize users. The concern is chain exploitation. If an attacker first discovers or exploits another weakness in an application, a privilege-escalation vulnerability can become the next step toward full system compromise.
Why It Matters#
Security discussions often focus on remote exploits and headline vulnerabilities. In practice, privilege escalation remains one of the most valuable stages in a real attack chain.
Tails itself highlights this risk. An attacker who gains limited execution inside the system may attempt to leverage kernel-level flaws to obtain broader control. Once administrative access is achieved, the protections that users depend on become much harder to trust.
The Thunderbird change is also notable because it addresses process risk rather than a single bug.
Many security incidents stem from update timing, packaging delays, and maintenance friction rather than dramatic technical failures. By changing how Thunderbird is delivered and updated, Tails reduces dependence on release synchronization between projects.
That does not eliminate risk, but it removes a recurring source of exposure that previously left users behind the latest security fixes.
What Users Should Check#
Existing users running Tails 7.0 or later can use the project’s automatic upgrade path to move to Tails 7.8 while keeping their Persistent Storage.
A few practical checks are worth making after upgrading:
- Confirm the upgrade completed successfully.
- Verify that Persistent Storage is still available and functioning as expected.
- If Thunderbird is part of your workflow, confirm it is installed as additional software and persists correctly across reboots.
- Review any operational procedures that assume Thunderbird is included by default.
- Check that security-sensitive workflows still behave as expected after the upgrade.
Users performing a fresh installation should pay close attention to the distinction between upgrading and reinstalling. The project notes that installing Tails on a USB drive instead of performing an upgrade will erase the existing Persistent Storage on that device.
What Not to Overclaim#
Tails 7.8 should be viewed as a security maintenance release, not a fundamental redesign of the platform.
The project has fixed vulnerabilities and improved software delivery, but users should avoid treating the release as a guarantee against deanonymization or compromise. Security remains dependent on the entire chain: the operating system, installed applications, user behavior, and unknown vulnerabilities that may still exist.
The stronger takeaway is operational.
An anonymity-focused system becomes weaker when critical applications regularly fall behind security updates. Tails 7.8 reduces that risk and closes several known privilege-escalation paths. For most users, that is the real value of this release.