Ubuntu’s Meltdown/Spectre wiki as well as their Meltdown/Spectre press release indicate that Ubuntu 12.04 and Ubuntu 17.04 are NOT going to be patched for general free users. Too many machines are still running Ubuntu 12.04. Those with extreme postures toward using “oldstable” OS are now being bit.
Part of the problem is servers that should be in the cloud, where they can be more readily transitioned by contractors are instead running in a closet. OS deprecation is part of life. Like a car, if you can’t afford to maintain it, you can’t afford to run it. Soon a bigger problem will result–relying on something you can’t afford to lose.
The solution is virtualization where possible. Use OS-agnostic coding methods, use Cmake instead of Make directly. Use test-driven-design instead of “yay it works on my laptop”. Continuous integration is vital to the reliability of your product development lifecycle as well as operations. If your validation consists of tests cooked up by an employee that left 6 years and 3 handoffs ago, you’ll just keep going through mini-Y2K events.
Nearly everyone should be able to build a registration test. If you can’t, either you have a very special case, or don’t have a handle on your dataflow lifecycle. A registration test + continuous integration allow you to peer across OS & compiler versions, monitoring edge cases that break. Driving toward unit tests incrementally as warranted allow minimal upfront expenditure. A way can be crafted to bring you to a 1 year ROI, sometimes much less time than that if your development cycles revolves around “golden laptops” with difficult to replicate setups.
Are you using version control? Are you using version control well? How many years old is the “as-built” copy? This makes great training for summer co-ops. Have you considered how absence of contemporary best practices drives away top talent, costs the company far too much in wasted rework and excessive monkey-patch solutions?