This is a good reason to read the official Tor Blog: https://blog.torproject.org They make a new post for every TBB release to let you know what has changed. Sometimes they simply update the software to new versions (Tor, Vidalia, Firefox, Torbutton, Noscript, HTTPS Everywhere), but other times they fix critical security bugs. For example, about a year ago it was discovered that web sockets would bypass the TorBrowser proxy settings and connect over clearnet: https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs So the vulnerabilities you are exposed to depend on the version you are running. It may be nothing or it may be something significant. However, you should make it a habit to always run the latest TBB version.