SharedArrayBuffer is not disabled in all browsers. It was briefly disabled at disclosure time of the first Spectre vulnerabilities, but as browsers moved to site isolation (one process per origin), they have reenabled it.