IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Just 4% of business mobile devices are safe from Meltdown and Spectre

And nearly three-quarters are vulnerable to both chip flaws, research suggests

Mobile phone

Just 4% of business mobile devices have been patched against the Meltdown and Spectre chip vulnerabilities that wreaked havoc across the tech industry at the start of the year.

The data is courtesy of security firm Bridgeway, which carried out an analysis of more than 100,000 business mobile devices.

The outfit's report not only discovered that 96% of smartphones are still not patched against the threat, it also claimed 72% of devices are currently exposed to both attacks, despite tech giants Google and Apple deploying software fixes for their respective operating systems last week.

That might have something to do with Bridgeway's other claim that a further 24% of devices are likely to be vulnerable and currently impossible to patch due to their age. For these phones, Bridgeway warned, the only option remaining for an organisation is to replace them with new ones.

"This is because these OS versions and devices will be unsupported by their hardware and OS manufacturers and in these cases, the only option remaining for the organisation will be to replace the devices with new," the security firm explained in a blog post.

"Mobile devices, although equally at risk as traditional PCs and servers, may not have been top of the IT department's priority patch list, but with increasing amounts of sensitive corporate data being stored and accessed from these devices, they should be," added Jason Holloway, managing director of Bridgeway.

"Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can. Organisations need to patch their mobile devices now, before they can be targeted."

IT departments should check device manufacturers' websites for the availability of updates, Bridgeway advised, and apply them across their device estates as soon as possible.

Meltdown and Spectre are vulnerabilities that exploit a serious design flaw only found earlier this month - Meltdown was found to be in all Intel chips made in the last 10 years, which Intel is hurriedly patching, while Spectre affects AMD and ARM, among others. Both leave devices vulnerable to hackers.

The bug allows normal user programs, such as database applications and JavaScript in web browsers, to distinguish some of the layout or contents of protected kernel memory areas of the chips, which have been reported to cause performance hits on some machines.

The Meltdown flaw affects all systems running Intel x86 chips and is present across all popular operating systems, including Windows, Linux, and macOS, and have required an operating system (OS) update in order to fix it.

Congress has questioned chip manufacturers about their response to the flaws, calling them "glaring warning signs that we must take cybersecurity more seriously".

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Best business tablets 2022
Hardware

Best business tablets 2022

27 Jul 2022
CMO job description: What does a chief marketing officer do?
Business strategy

CMO job description: What does a chief marketing officer do?

9 Jun 2022
CFO job description: What does a chief financial officer do?
Business strategy

CFO job description: What does a chief financial officer do?

9 Jun 2022
What does a CISO do?
Careers & training

What does a CISO do?

12 May 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022