Only 4% of enterprise mobile devices protected against Meltdown and Spectre vulnerabilities
The fallout from the Meltdown and Spectre vulnerabilities is going to be painful, long-ranging and expensive – the latter in more ways in one. Yet according to new research published by Bridgeway, companies are not exactly getting a jumping start on reparation.
Bridgeway, through anonymously analysing 100,000 mobile devices through its mobile management reporting tool, IronWorks found that only 4% of enterprise mobile devices had been patched against the threats. In all, at least 72% of devices are still exposed to the vulnerabilities, the company added.
What’s more, a further 24% of devices analysed are ‘impossible’ to patch due to their age. If you have any Android devices in your fleet that are older than Marshmallow, for instance, then the advice is to replace them immediately as these will never be patched by Google.
“It’s worrying that only 4% of organisations have applied updates to protect their devices against Meltdown and Spectre: it means that majority of companies are needlessly exposing their users, devices and more importantly, corporate data, to the risk of interception and exfiltration,” said Jason Holloway, managing director of Bridgeway. “Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can.
“Organisations need to patch their mobile devices now, before they can be targeted,” Holloway added.
That said, patches are not working across all systems. As TechRepublic reported, errors have been reported in various industrial systems following updates, from manufacturers including ABB, Rockwell and Siemens.
Siemens issued a security bulletin, last updated yesterday, which noted: “Siemens is aware that some updates can result in compatibility, performance or stability issues on certain products and operating systems. Operating system vendors, such as Microsoft, are still working to address these compatibility issues with their updates. Siemens will therefore continue to evaluate the applicability of those updates.”
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » Companies need to disclose their cybersecurity risk to attract investors, study finds
- » Samsung launches Galaxy enterprise edition with UK focus
- » Why 2020 could be our year to achieve one workforce and true transparency
- » The six key steps to improve your enterprise’s mobile maturity
- » Lack of communication between CEO and CISOs put organisations at risk of cyberattacks, says Australian study