Just 4% of business mobile devices are safe from Meltdown and Spectre

And nearly three-quarters are vulnerable to both chip flaws, research suggests

Just 4% of business mobile devices have been patched against the Meltdown and Spectre chip vulnerabilities that wreaked havoc across the tech industry at the start of the year.

The data is courtesy of security firm Bridgeway, which carried out an analysis of more than 100,000 business mobile devices.

Advertisement - Article continues below

The outfit's report not only discovered that 96% of smartphones are still not patched against the threat, it also claimed 72% of devices are currently exposed to both attacks, despite tech giants Google and Apple deploying software fixes for their respective operating systems last week.

That might have something to do with Bridgeway's other claim that a further 24% of devices are likely to be vulnerable and currently impossible to patch due to their age. For these phones, Bridgeway warned, the only option remaining for an organisation is to replace them with new ones.

"This is because these OS versions and devices will be unsupported by their hardware and OS manufacturers and in these cases, the only option remaining for the organisation will be to replace the devices with new," the security firm explained in a blog post.

"Mobile devices, although equally at risk as traditional PCs and servers, may not have been top of the IT department's priority patch list, but with increasing amounts of sensitive corporate data being stored and accessed from these devices, they should be," added Jason Holloway, managing director of Bridgeway.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can. Organisations need to patch their mobile devices now, before they can be targeted."

IT departments should check device manufacturers' websites for the availability of updates, Bridgeway advised, and apply them across their device estates as soon as possible.

Meltdown and Spectre are vulnerabilities that exploit a serious design flaw only found earlier this month - Meltdown was found to be in all Intel chips made in the last 10 years, which Intel is hurriedly patching, while Spectre affects AMD and ARM, among others. Both leave devices vulnerable to hackers.

The bug allows normal user programs, such as database applications and JavaScript in web browsers, to distinguish some of the layout or contents of protected kernel memory areas of the chips, which have been reported to cause performance hits on some machines.

Advertisement - Article continues below

The Meltdown flaw affects all systems running Intel x86 chips and is present across all popular operating systems, including Windows, Linux, and macOS, and have required an operating system (OS) update in order to fix it.

Congress has questioned chip manufacturers about their response to the flaws, calling them "glaring warning signs that we must take cybersecurity more seriously".

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/data-centres/30952/five-business-benefits-of-hyperconvergence
data centres

Five business benefits of hyperconvergence

8 Jul 2020
Visit/security/ethical-hacking/356252/poorly-secured-banking-apps-lead-to-cyber-threats
ethical hacking

Mobile banking apps are exposing user data to attackers

26 Jun 2020
Visit/security/malware/356231/most-malware-came-through-https-connections-in-q1-2020
malware

Most malware came through HTTPS connections in Q1 2020

25 Jun 2020
Visit/security/phishing/356211/phishing-attacks-target-unsuspecting-wells-fargo-customers
phishing

Phishing attacks target unsuspecting Wells Fargo customers

24 Jun 2020

Most Popular

Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/cloud/356260/the-road-to-recovery
Sponsored

The road to recovery

30 Jun 2020