Firefox v57.0.4 Released With Fixes for Meltdown

Mozilla on Thursday announced the rollout of version 57.0.4 for Release channel users on desktop and mobile. The update features security fixes to resolve recent security flaws, namely, the Meltdown and Spectre .

In a release note, Firefox has announced the availability of version 57.0.4 of its browser on desktop platforms including Windows, macOS, and Linux; apart from Android. The highlights of this update are security fixes for Meltdown and Spectre .Carrying build number NMJ88C and weighing 66.2MB, the update not only brings the new security patch, but it also comes with fixes for the two vulnerabilities that device manufacturers are rushing to patch before they are exploited.

Meltdown and Spectre security flaws have been found in Intel, AMD, and ARM CPUs, putting most computers and mobile phones at risk. Meltdown is specific to Intel CPUs but Spectre affects all devices alike. Meltdown lets hackers bypass the hardware barrier, allowing them to read a computer’s passwords and other sensitive information.Hours after Google’s announcement, Mozilla confirmed everybody’s worst fear, that both Meltdown and Spectre are remotely exploitable by embedding code in mundane JavaScript files delivered via web pages. It is claimed by Google that it already had warned the affected companies earlier this year in July.

Google claims that it had briefed affected companies about the ‘Spectre’ bug in June and the ‘Meltdown’ bug in July last year. While Google has already issued security updates to protect against these , browsers need to push updates to protect through JavaScript. Mozilla, in version 57.0.4, has disabled the SharedArrayBuffer feature to prevent against Meltdown .Users should only download apps from trusted sources to avoid being made vulnerable, the post said . “The problem really comes with Android because [with] Android phones it’s very hard to upgrade”. The National Cyber Security Centre , a part of GCHQ, said the major cloud service providers were installing fixes on their own platforms but separate updates would be needed on the operating systems of any virtual machines.

Apple also recently announced that all Mac and iOS devices had been affected by Meltdown and Spectre, and to resolve the latter bug, will be issuing a fix for Safari in the coming days. However, no such update has been issued by Mozilla for Firefox for iOS.As per some reports Firefox has released the version 57.0.4 on desktop platforms including Windows, Linux and macOS. You can grab the Android version from the Play Store below, or from APKMirror. Mozilla has not yet announced when it will release the updated version for Android users. Firefox maker says it has provided a temporary fix to make  more hard.

“In the longer term, we have started experimenting with techniques to remove the information leak closer to the source, instead of just hiding the leak by disabling timers,” said Mozilla in a blog postregarding prevention against like Meltdown and Spectre.Researchers say that can use the two flaws to read data from a computer’s kernel memory (Meltdown), but also data handled by other apps (Spectre). 10ThousandCouple

You may also like