Survey Reveals 72% of Organizations Will Roll Out Patches Slower as a Result of Meltdown and Spectre

Additionally, half of organizations lack a strategy for securing endpoints that can't be patched right away, leaving organizations at increased risk of attack

A new survey released today by Barkly, the company advancing endpoint security by combining the strongest, smartest protection with the simplest management, finds that the complexity and challenges associated with the Spectre and Meltdown patches will result in companies delaying future patch rollouts. 72% of organizations planned to slow future rollouts and yet 50% of organizations lack a strategy for securing endpoints that are waiting to be patched, leaving companies exposed.

Applying the Meltdown and Spectre patches has been a long, frustrating process for many organizations and the survey findings show it is far from over. One month after the January Windows security update was released, one third of organizations reported that 25% or less of their machines had received the update and implemented it. Poor communication, incompatibility issues, and roll backs due to faulty firmware updates have left many frustrated. 80% of respondents said they found the Meltdown and Spectre patching process to be unclear. A staggering 88% expressed frustration with the process, overall.

While experts have been warning the industry that the only long-term, fool-proof fix for Spectre variant 2 is replacing CPU hardware, this survey revealed another equally damaging part of the vulnerability’s legacy may be a lingering hesitancy to deploy patches in a timely manner. The majority of respondents said they have purposefully held off on applying Meltdown and Spectre-related updates, and plan to do so only after testing for compatibility and performance issues. 22% say they may not apply patches at all in cases where they anticipate a significant hit to performance. 72% of organizations say they are likely to roll out patches more slowly in the future.

“Meltdown and Spectre have been a painful reminder of how problematic and slow patching can be. It is critical that organizations ensure their endpoints are secure with the strongest, smartest protection, especially in between periods of patching when an organization is most vulnerable,” said Mike Duffy, CEO of Barkly.

To address the critical need, Barkly’s patented endpoint protection provides organizations with the strongest protection against exploitation of both known and previously-unknown vulnerabilities. Barkly’s patented agent leverages a unique 3-level architecture that enables it to see and block attacks other solutions can’t by utilizing CPU hardware extensions, kernel-level drivers, and user-space analytics for an unparalleled level of visibility and control. This enables Barkly to be resilient to sophisticated bypass techniques while delivering advanced exploit mitigation for malicious process injection, Windows process impersonation, credential theft, stack manipulation, privilege escalations, Atom Bombing, and more.

“We needed to replace our antivirus with a solution that could stop all of today’s threats. Barkly protects our endpoints against the evolving threat landscape, enables us to remotely take action, and provides real-time alerts. Thanks to Barkly’s strong protection, we were able to replace our legacy antivirus with confidence,” said Eric Owen of BÜCHI Corporation.

In 2017, over half of organizations using antivirus were compromised. As malware attacks continue to evolve and patching timelines lengthen, continued reliance on antivirus will leave organizations at risk. Barkly has received third-party validation as an antivirus replacement after comprehensive testing from independent research firm AV-TEST and leading compliance assessor Coalfire.

About Barkly

Barkly is advancing endpoint security by combining the strongest protection, smartest technology, with the simplest management. The Barkly Endpoint Protection Platform™ blocks attacks across all vectors and intents, including exploits, scripts, executables, and ransomware. Barkly is the only protection with visibility into all levels of the system, including the CPU and stays up-to-date through its continuous machine-learning engine that automatically converts threat intelligence into powerful protection through nightly training on malware and customer-specific goodware. Barkly requires no security expertise to setup and deploy and makes management simple through any desktop or mobile device. Barkly is independently certified for antivirus replacement, HIPAA, PCI DSS & NIST by Coalfire and AV-TEST. Barkly is formed by an elite team of security and SaaS experts from IBM, Cisco and Intel, and is backed by investors NEA and Sigma Prime. Learn more by visiting us at or follow us on Twitter @BarklyProtects.


Maya Pattison, Director of PR
617.488.9400 |