Corporate enterprises face one of the biggest security risks of recent times: the “Meltdown” and “Spectre” critical vulnerabilities in the architecture of processors affect almost every computer and mobile device on the planet. Both vulnerabilities abuse speculative execution, the processor optimization that runs ahead of time the instructions it expects to need. This gives cybercriminals access to data passing through the CPU itself: a malicious application running on a device can peek into the memory of another application on the same device and extract its contents.

“Meltdown”, designated as CVE-2017-5754, can enable hackers to gain privileged access to parts of a computer’s memory used by an application/program and the operating system (OS). Meltdown affects Intel processors. “Spectre”, designated as CVE-2017-5753 and CVE-2017-5715, can allow attackers to steal information leaked in the kernel/cached files or data stored in the memory of running programs, such as credentials. Spectre affects processors from Intel, Advanced Micro Devices (AMD), and Advanced RISC Machine (ARM).

Microsoft is releasing updates for Windows to block malicious attempts to exploit the Meltdown vulnerability in Intel processors. At the same time, fixes to prevent user-mode programs from “peering inside” kernel-mode memory are being introduced by operating system vendors, hypervisor vendors and cloud computing companies.

So what should enterprise users and admins learn from the “Meltdown” and “Spectre” vulnerabilities? There are three primary dimensions of the issue:
  1. Late/no patching. Patch timing for commercial devices is an industry-wide challenge. Although iOS and Google's own mobile devices are patched relatively swiftly, most Android devices remain unpatched, meaning that potentially any data on these devices is at risk. Data held on any one of them could already have been stolen.
  2. Technology Blackhole. Speculative execution derived vulnerabilities have existed for a decade or more. The complex technology and the abundance of mobile apps and malware create uncertainty and a huge attack surface. Users and system admins never know what other unknown vulnerabilities may cause data compromise. Not everything is known or told. Hackers and government agencies keep priceless knowledge of existing breaches to themselves, though surprises keep popping up.
  3. Defense vs. detection. A strong cyber-defense starts with the realization that everything is hackable and every organization will be compromised at some point. Organizations have maxed out on their ability to lock down systems and networks, leaving mobile devices as the weakest entry point to their cyber environment. A vulnerability needs a complementary attack vector before it can be exploited, but organizations fail to block those entry points and so allow vulnerabilities to have a big impact. Threat detection systems are consistently late to respond and offer only after-the-fact resolution. It is clear that traditional techniques for detecting attacks and protecting mobile devices are just not sufficient.
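The OS-vendor fixes mentioned above (kernel page-table isolation for Meltdown, retpolines and related barriers for Spectre) are only useful once they are actually active on a device, which is the crux of the patching dimension. The following script is an added example, not code from the original post: it reads the Linux kernel's sysfs vulnerability files (`/sys/devices/system/cpu/vulnerabilities/meltdown`, `spectre_v1`, `spectre_v2`) and classifies each as not affected, mitigated, vulnerable or unknown. When run on a host without that interface it falls back to a constructed sample that represents a partially patched machine; the sample values are invented for illustration.

```python
"""Report Meltdown/Spectre mitigation status from the Linux kernel's sysfs
interface.  Added defender's check; not part of the original post."""
import os

SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"

# The three issues named in the post, keyed by the sysfs file name the kernel uses.
ISSUES = {
    "meltdown": "CVE-2017-5754",
    "spectre_v1": "CVE-2017-5753",
    "spectre_v2": "CVE-2017-5715",
}

# Constructed sample (not captured from a real host): a partially patched machine.
SAMPLE_SYSFS = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Vulnerable\n",
    "spectre_v2": "Mitigation: Retpolines, IBPB: conditional, IBRS_FW\n",
}


def classify(text):
    """Map one sysfs vulnerability line to (state, detail).

    The kernel writes 'Not affected', 'Vulnerable[: detail]' or
    'Mitigation: detail'; anything else is reported as unknown.
    """
    line = text.strip()
    if line == "Not affected":
        return "not_affected", ""
    if line.startswith("Mitigation:"):
        return "mitigated", line[len("Mitigation:"):].strip()
    if line.startswith("Vulnerable"):
        return "vulnerable", line[len("Vulnerable"):].strip(": ").strip()
    return "unknown", line


def read_sysfs(directory=SYSFS_DIR):
    """Read the kernel's files; returns {} when sysfs is absent (non-Linux, old kernel)."""
    result = {}
    for name in ISSUES:
        path = os.path.join(directory, name)
        try:
            with open(path) as fh:
                result[name] = fh.read()
        except OSError:
            continue  # missing entry: reported as unknown by assess()
    return result


def assess(sysfs_contents):
    """Return (report, all_ok): per-issue status and whether every issue is
    either mitigated or not affected.  A missing entry counts as unknown and
    therefore fails the check, because an unreported status is not evidence of a fix."""
    report = {}
    for name, cve in ISSUES.items():
        if name not in sysfs_contents:
            report[name] = {"cve": cve, "state": "unknown", "detail": "sysfs entry missing"}
            continue
        state, detail = classify(sysfs_contents[name])
        report[name] = {"cve": cve, "state": state, "detail": detail}
    all_ok = all(r["state"] in ("mitigated", "not_affected") for r in report.values())
    return report, all_ok


if __name__ == "__main__":
    live = read_sysfs()
    contents = live if live else SAMPLE_SYSFS
    print("source:", "live sysfs" if live else "constructed sample")
    report, ok = assess(contents)
    for name, r in report.items():
        print(f"{name:11s} {r['cve']}: {r['state']:13s} {r['detail']}")
    print("all mitigated" if ok else "ACTION: unmitigated or unknown entries present")
```

Run it from a fleet-management job and alert on any device that does not report "all mitigated"; treating a missing or unknown entry as a failure is deliberate, since a kernel too old to expose the interface is also too old to carry the fix.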
What should organizations do? Organizations should take active steps toward creating an effective defense. This defense should:
  1. Deploy platforms that rely on dedicated mobile security hardware and software that leverage trusted environments;
  2. Differentiate between mobile worker types and the risk associated with their work. Employees doing sensitive work should use trusted, hardened mobile devices, while other employees can use commercial BYO devices;
  3. Block unauthorized access points to the organizational network via mobile devices, including rapid security patches across enterprise mobile devices. To maintain this practice, security-minded organizations should utilize purpose-built mobile devices with a security-rich operating system that allows enhanced defenses;
  4. Create a fusion of multiple defense layers across the organizational wireless environment, providing in-depth protection against cyber-attacks, including communications within a persistent VPN and a locked-down private network;
  5. Dismantle all attack vectors (interception, injection, intelligence and forensic wire), and employ fused controls to eliminate the impact of careless use.
Cyber-criminals outsmart security defenders but operate within a known set of attack vectors, regardless of the vulnerability. Shutting down the attack vectors, while allowing accepted reductions in users' experience, will guarantee safe enterprise mobility.
By Noam Potter