Just 4% of business mobile devices are safe from Meltdown and Spectre

And nearly three-quarters are vulnerable to both chip flaws, research suggests

Just 4% of business mobile devices have been patched against the Meltdown and Spectre chip vulnerabilities that wreaked havoc across the tech industry at the start of the year.

The data is courtesy of security firm Bridgeway, which carried out an analysis of more than 100,000 business mobile devices.

The outfit's report not only discovered that 96% of smartphones are still not patched against the threat, it also claimed 72% of devices are currently exposed to both attacks, despite tech giants Google and Apple deploying software fixes for their respective operating systems last week.

That might have something to do with Bridgeway's other claim that a further 24% of devices are likely to be vulnerable and currently impossible to patch due to their age. For these phones, Bridgeway warned, the only option remaining for an organisation is to replace them with new ones.

"This is because these OS versions and devices will be unsupported by their hardware and OS manufacturers and in these cases, the only option remaining for the organisation will be to replace the devices with new," the security firm explained in a blog post.

"Mobile devices, although equally at risk as traditional PCs and servers, may not have been top of the IT department's priority patch list, but with increasing amounts of sensitive corporate data being stored and accessed from these devices, they should be," added Jason Holloway, managing director of Bridgeway.

"Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can. Organisations need to patch their mobile devices now, before they can be targeted."

IT departments should check device manufacturers' websites for the availability of updates, Bridgeway advised, and apply them across their device estates as soon as possible.

Meltdown and Spectre are vulnerabilities that exploit a serious design flaw only found earlier this month - Meltdown was found to be in all Intel chips made in the last 10 years, which Intel is hurriedly patching, while Spectre affects AMD and ARM, among others. Both leave devices vulnerable to hackers.

The bug allows normal user programs, such as database applications and JavaScript in web browsers, to distinguish some of the layout or contents of protected kernel memory areas of the chips, which have been reported to cause performance hits on some machines.

The Meltdown flaw affects all systems running Intel x86 chips and is present across all popular operating systems, including Windows, Linux, and macOS, and have required an operating system (OS) update in order to fix it.

Congress has questioned chip manufacturers about their response to the flaws, calling them "glaring warning signs that we must take cybersecurity more seriously".

Featured Resources

Unleashing the power of AI initiatives with the right infrastructure

What key infrastructure requirements are needed to implement AI effectively?

Download now

Achieve today. Plan tomorrow. Making the hybrid multi-cloud journey

A Veritas webinar on implementing a hybrid multi-cloud strategy

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

The workers' experience report

How technology can spark motivation, enhance productivity and strengthen security

Download now

Recommended

Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
How to spot a failing digital transformation project
digital transformation

How to spot a failing digital transformation project

22 Jan 2021
CTO job description: What does a CTO do?
Business strategy

CTO job description: What does a CTO do?

22 Jan 2021
BEC scammers are using Google Forms to identify easy victims
phishing

BEC scammers are using Google Forms to identify easy victims

21 Jan 2021

Most Popular

WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021