Just 4% of business mobile devices are safe from Meltdown and Spectre

And nearly three-quarters are vulnerable to both chip flaws, research suggests

Just 4% of business mobile devices have been patched against the Meltdown and Spectre chip vulnerabilities that wreaked havoc across the tech industry at the start of the year.

The data is courtesy of security firm Bridgeway, which carried out an analysis of more than 100,000 business mobile devices.

Advertisement - Article continues below

The outfit's report not only discovered that 96% of smartphones are still not patched against the threat, it also claimed 72% of devices are currently exposed to both attacks, despite tech giants Google and Apple deploying software fixes for their respective operating systems last week.

That might have something to do with Bridgeway's other claim that a further 24% of devices are likely to be vulnerable and currently impossible to patch due to their age. For these phones, Bridgeway warned, the only option remaining for an organisation is to replace them with new ones.

"This is because these OS versions and devices will be unsupported by their hardware and OS manufacturers and in these cases, the only option remaining for the organisation will be to replace the devices with new," the security firm explained in a blog post.

"Mobile devices, although equally at risk as traditional PCs and servers, may not have been top of the IT department's priority patch list, but with increasing amounts of sensitive corporate data being stored and accessed from these devices, they should be," added Jason Holloway, managing director of Bridgeway.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can. Organisations need to patch their mobile devices now, before they can be targeted."

IT departments should check device manufacturers' websites for the availability of updates, Bridgeway advised, and apply them across their device estates as soon as possible.

Meltdown and Spectre are vulnerabilities that exploit a serious design flaw only found earlier this month - Meltdown was found to be in all Intel chips made in the last 10 years, which Intel is hurriedly patching, while Spectre affects AMD and ARM, among others. Both leave devices vulnerable to hackers.

The bug allows normal user programs, such as database applications and JavaScript in web browsers, to distinguish some of the layout or contents of protected kernel memory areas of the chips, which have been reported to cause performance hits on some machines.

Advertisement - Article continues below

The Meltdown flaw affects all systems running Intel x86 chips and is present across all popular operating systems, including Windows, Linux, and macOS, and have required an operating system (OS) update in order to fix it.

Congress has questioned chip manufacturers about their response to the flaws, calling them "glaring warning signs that we must take cybersecurity more seriously".

Advertisement

Recommended

Visit/security/cyber-security/355210/cyber-criminals-torn-over-how-to-adapt-to-post-coronavirus-threat
cyber security

Hackers torn over how to adapt their tactics to the coronavirus pandemic

3 Apr 2020
Visit/strategy/28237/cto-job-description-what-does-a-cto-do
Business strategy

CTO job description: What does a CTO do?

1 Apr 2020
Visit/social-media/30368/how-to-delete-a-facebook-business-page
social media

How to delete a Facebook business page

1 Apr 2020
Visit/data-centres/30952/five-business-benefits-of-hyperconvergence
data centres

Five business benefits of hyperconvergence

25 Mar 2020

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020