While many companies have rolled out meltdown and spectre patches, Mozilla seems to have joined the bandwagon by coming up with an updated version of Firefox with the build number of 57.0.4. Mozilla implemented two different changes in the new Firefox version in order to deal with the two security flaws.
Mozilla said, “Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. This includes both explicit sources, like performance. In the longer term, we have started experimenting with techniques to remove the information leak closer to the source, instead of just hiding the leak by disabling timers. This project requires time to understand, implement and test, but might allow us to consider reenabling SharedArrayBuffer and the other high-resolution timers as these features provide important capabilities to the Web platform.”
As for the overly-discussed performance impact these patches might have, April King, head of Mozilla’s website security, tweeted: “although the operating system upgrades will have mixed effects depending upon your workload.”
Users are recommended to install this new version as soon as possible to remain protected.