Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

The newly revealed Meltdown and Spectre attacks introduce a lot of problems for PC users, some which are not likely to be fixed in hardware for quite some time. While Page Table Isolation techniques have addressed most of the concerns of Meltdown, Spectre remains a concern, mostly because variants of the exploit apply to almost all of today’s major processors.  

The solution is fairly simple; software needs to be updated to address many of the potential issues that both Spectre and Meltdown can exploit, making changes that will help to prevent information leaks. With Firefox 57.0.4, Mozilla has disabled their SharedArrayBuffer and decreased the resolution of several time sources within Firefox Quantum, making the browser more secure by disabling timers and making others a lot less precise.

Over time Mozilla plans to implement more permanent solutions to the problems posed by Spectre and Meltdown with future updates. These concerns will be something that software creators will have to consider for quite some time, at least until solutions to the problem are available at a hardware level. 

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

  
Google is currently working on a similar update for their Chrome browser, though at the time of writing this update is not available to download. 

You can join the discussion on Firefox Quantum’s latest security update on the OC3D Forums.Â