Mitigating the threat of Spectre & Meltdown on Mobile Devices
By Marco Nielsen – VP Managed Mobility Services, Stratix
Security Vulnerabilities affecting Mobile CPUs
One of the largest, and most far-reaching security vulnerabilities were announced and we believe it is one which will impact us far into the future as legacy devices using these affected CPUs are everywhere, including in commonly-used mobile devices.
As these are CPUs affected there is no permanent “fix” to this problem, only mitigating steps which must be taken to ensure that rogue software is not able to exploit these devices.
In an attempt to simplify life for many IT administrators and staff now embarking on the messy task to sort out how to mitigate against these risks, we have gathered some of the important information now available and will keep it updated in the days and weeks ahead.
First, an overview of the vulnerabilities is important. Both of these hardware-based bugs allow software to steal data which is currently being processed on a computer. According to researchers studying the flaws, “while programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.”
What is it? “Spectre” – Variant 1 & 2
What is it? “Meltdown” – Variant 3
Meltdown is a name given to an exploitation technique known as CVE-2017-5754 or “rogue data cache load.” The Meltdown technique can enable a user process to read kernel memory which is typically the protected part of an operating system. It works by breaking down the most fundamental isolation between applications running on a device and the operating system thereby allowing a rogue program to access the memory, and thus the secrets or other programs and the operating system. Most vendors are speculating that this will be easier to exploit short term, thus higher risk.
What to do? Stratix can help you with this problem
Stratix can assist with this security liability in your mobile environment by providing support to your mobile admins and users and can enable you to have a more secure business environment to protect your critical data due to these new risks.
Specific Stratix Managed Services include:
Consulting Services – Stratix personnel, can help you understand if your devices are under risk and what mitigation steps could be taken, short term and long term.
Support Services – Stratix’ trained mobile operations center personnel can assist end-users to perform the proper upgrades on devices and software as required.
Logistics Services – Stratix’s Lifecycle Management services can assist in upgrading devices and ensuring your mobile devices are properly and securing updated to the required version levels with all the correct software.
MDM / EMM Management Services – Stratix’ MDM / EMM personnel can assist with your MDM/EMM tools to help isolate at-risk devices, and ensure the proper steps are being taken to install all patches.
Please contact us for additional information or to schedule an initial call with one of our mobility specialists.
Status Table of Affected Devices
Download The Status Table for more background information. This document is a table with many of the common software and devices found with our customers and provides a good overview status.
Please note: Stratix is not responsible for any errors or false statements made on the individual vendors’ web pages, or mistakes made in the table referenced above. We will be updating this table regularly as additional information is available.