Yesterday, Google released information about a series of CPU vulnerabilities it discovered. The first was ‘Meltdown,’ which allows malicious programs to read protected memory – but only affected Intel-made x86 processors. The second issue, named ‘Spectre,’ applied to just about every modern processor, and gives malicious programs the ability to steal data from the memory of other applications.
Since the above vulnerabilities can be used through JavaScript, web browsers also need to be updated to avoid exploitation. Mozilla released Firefox 57.0.4 today, which disables the JavaScript features required for the attack.
Firefox 57.0.4 rolling out to all platforms with initial fixes for ‘Meltdown’ and ‘Spectre’ CPU vulnerabilities was written by the awesome team at Android Police.