Only 4% of enterprise mobile devices protected against Meltdown and Spectre vulnerabilities

James is editor in chief of TechForge Media, with a passion for how technologies influence business and several Mobile World Congress events under his belt. James has interviewed a variety of leading figures in his career, from former Mafia boss Michael Franzese, to Steve Wozniak, and Jean Michel Jarre. James can be found tweeting at @James_T_Bourne.

The fallout from the Meltdown and Spectre vulnerabilities is going to be painful, long-ranging and expensive – the latter in more ways in one. Yet according to new research published by Bridgeway, companies are not exactly getting a jumping start on reparation.

Bridgeway, through anonymously analysing 100,000 mobile devices through its mobile management reporting tool, IronWorks found that only 4% of enterprise mobile devices had been patched against the threats. In all, at least 72% of devices are still exposed to the vulnerabilities, the company added.

What’s more, a further 24% of devices analysed are ‘impossible’ to patch due to their age. If you have any Android devices in your fleet that are older than Marshmallow, for instance, then the advice is to replace them immediately as these will never be patched by Google.

“It’s worrying that only 4% of organisations have applied updates to protect their devices against Meltdown and Spectre: it means that majority of companies are needlessly exposing their users, devices and more importantly, corporate data, to the risk of interception and exfiltration,” said Jason Holloway, managing director of Bridgeway. “Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can.

“Organisations need to patch their mobile devices now, before they can be targeted,” Holloway added.

That said, patches are not working across all systems. As TechRepublic reported, errors have been reported in various industrial systems following updates, from manufacturers including ABB, Rockwell and Siemens.

Siemens issued a security bulletin, last updated yesterday, which noted: “Siemens is aware that some updates can result in compatibility, performance or stability issues on certain products and operating systems. Operating system vendors, such as Microsoft, are still working to address these compatibility issues with their updates. Siemens will therefore continue to evaluate the applicability of those updates.” in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published.