Waterfox 56.0.2 security update released
In short: security researchers found flaws in processors that attackers can use to read data in memory that they should not have access to.
The patching requires updates to firmware, operating systems and even other programs such as browsers.
Microsoft released out of band security updates for Windows to address the issue and Mozilla released a patch for Firefox that mitigated it as well.
Waterfox 56.0.2 incorporates the same patch that Mozilla released. Spectre, Speculative execution side-channel attack, relies on exact timing to function. Mozilla reduced the precision of some of the time sources that Firefox uses to mitigate the issue.
Tip: The following articles may also be of interest to you:
- Waterfox 56 is out
- Waterfox 55.2 update and roadmap released
- Waterfox dev has big plans for the browser
Waterfox includes the December 7, 2017 security patches for Firefox as well according to the changelog.
Waterfox 56.0.2 includes changes and bug fixes as well. The biggest change in the new browser version impacts multi-process Firefox (e10s, Electrolysis). Waterfox will disable e10s automatically if add-ons are installed in the browser that are not marked as compatible with the multi-process architecture.
It is unfortunately difficult to find out which of the installed add-ons are not multi-process compatible.
Here is what you need to do:
- Load about:support in the Waterfox address bar.
- Select "show folder" to open the profile folder on the local system.
- Open the "Extensions" directory.
- Use an archiving program like Bandzip to extract the add-on file if the extension is provided as a single XPI file.
- Open the file install.rdf in the root directory of the extracted extension.
- Locate the multiprocessCompatible line and check if it states true (compatible) or false (not compatible).
- Repeat this for any installed add-on.
The remaining changes in Waterfox 56.0.2
- Updated libcubeb library to prevent audio issues on new Windows 10 builds
- Fix default browser check
- Fix plugin issues due to checking .mozilla instead of .waterfox.
- Fix of various white space issues
Waterfox users should update the web browser asap to the new version to protect the browser and their data against exploits. You can run a check for updates with a click on Menu >Â Questionmark > About Waterfox. The browser runs a check for updates when you open the about window. The new version is available for all supported desktop operating systems on the website as well.Advertisement