'

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

Please update to version 57.0.4 if you haven't already

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

The newly revealed Meltdown and Spectre attacks introduce a lot of problems for PC users, some which are not likely to be fixed in hardware for quite some time. While Page Table Isolation techniques have addressed most of the concerns of Meltdown, Spectre remains a concern, mostly because variants of the exploit apply to almost all of today's major processors.  

The solution is fairly simple; software needs to be updated to address many of the potential issues that both Spectre and Meltdown can exploit, making changes that will help to prevent information leaks. With Firefox 57.0.4, Mozilla has disabled their SharedArrayBuffer and decreased the resolution of several time sources within Firefox Quantum, making the browser more secure by disabling timers and making others a lot less precise.

Over time Mozilla plans to implement more permanent solutions to the problems posed by Spectre and Meltdown with future updates. These concerns will be something that software creators will have to consider for quite some time, at least until solutions to the problem are available at a hardware level. 

Firefox Quantum has been updated to address Meltdown and Spectre timing attacks

  
Google is currently working on a similar update for their Chrome browser, though at the time of writing this update is not available to download. 

You can join the discussion on Firefox Quantum's latest security update on the OC3D Forums

«Prev 1 Next»

Most Recent Comments

06-01-2018, 21:06:36

ByteMyAscii
Browsers are being increasingly proactive in offering protections, which I think is a good thing.
Browsers that update themselves more transparently, not requiring user input or explicit permissions are going to I expect be updated more readily than the OS, particularly where updates to that often put-off by users.
And as the browser is going to be the primary source of someone trying to exploit those I suspect, then that is definitely a good place to have one of the layers of protection before we get proper fixes.Quote

07-01-2018, 12:10:12

TheF34RChannel
Yep got the update already, and as a new Firefox user I was already loving their browser offer!Quote
Reply
x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.