Majority of enterprise mobile devices 'still at risk' from Meltdown and Spectre

null

The vast majority of workplace mobile devices in use across the world are still unprotected against the Meltdown and Spectre vulnerabilities, new research has claimed.

Findings from Bridgeway discovered that only four per cent of all enterprise mobile devices have the Meltdown / Spectre patch installed. 

Investigating data from more than 100,000 corporate-owned mobile devices among UK’s private, public and third-sector organisations, Bridgeway says a minimum of 72 per cent of all devices are still vulnerable.

The rest, 24 per cent, will most likely never be patched due to their age.

The company adds that patches for both big mobile operating systems, Android and iOS, have been available for more than a week now.

“In 2017, the global damage caused by ransomware attacks highlighted the importance of quickly patching vulnerabilities, to mitigate the risks of attack and data loss,” said Jason Holloway, managing director of Bridgeway.  

“Mobile devices, although equally at risk as traditional PCs and servers, may not have been top of the IT department’s priority patch list, but with increasing amounts of sensitive corporate data being stored and accessed from these devices, they should be.”

“It’s worrying that only four per cent of organisations have applied updates to protect their devices against Meltdown and Spectre: it means the majority of companies are needlessly exposing their users, devices and more importantly, corporate data, to the risk of interception and exfiltration.  Mobile devices are the new target for hackers, who will be looking to exploit these flaws as quickly as they can.  Organisations need to patch their mobile devices now, before they can be targeted.”

Older mobile devise, for example those powered by Android 6.0, will probably never be patched by vendors, Bridgeway says.

Image Credit: CyberHades / Flickr