In light of the serious news of critical CPU vulnerabilities that could be leveraged to provide access to privileged memory, Microsoft has made changes to its browsers to subvert side-channel attacks.
News has certainly been coming thick and fast with regards to how “speculative execution side-channel attacks” can be leveraged on systems built with modern processors and operating systems. While industry partners had been working on developing the corresponding mitigations for the critical hardware-based flaw, which could not be delivered as a microcode update, the issue was substantial enough to prompt Microsoft to release the patch yesterday, ahead of next week’s scheduled Patch Tuesday.
While operating system patches are an important measure, Microsoft has also taken steps to thwart JavaScript-originating attacks via its Internet Explorer and Edge browsers. Specifically, support for SharedArrayBuffer objects, used to share memory between agents, was removed from the former after having just been introduced in the Windows 10 Fall Creators Update. The other change, affecting both browsers, saw the resolution of the performance.now() method reduced from 5 microseconds to 20 microseconds with up to an additional 20 microseconds of variable jitter introduced to the returned timestamp value.
With respect to these changes, John Hazen, Principal PM Lead, Microsoft Edge said that:
The corresponding security updates have been released by the company for the Windows 10 Fall Creators Update (Version 1709), Creators Update (Version 1703), and the original version of Windows 10 (Version 1507).
Source: Microsoft
