Print Nightmare Security
On July 7, 2021 Microsoft released “Out-of-Band” patches to address security vulnerabilities affecting the Windows operating system, these vulnerabilities are commonly known as “Print Nightmare” or “Chaos Print Nightmare”. The released patches (CVE-2021-1675 and CVE-2021-34527) address weaknesses which if exploited would allow a hacker to run arbitrary code with system level privileges.
Medical Device Security
In an effort to maintain product security and customer satisfaction, Mindray evaluates known cybersecurity threats. These efforts include identifying to what extent known threats can impact patient care as well as the efficacy of released patches pertaining to any particular Mindray embedded operating system version.
The WannaCry Worm identified in May, 2017 impacted Windows Operating Systems around the world. Microsoft released a patch (MS17-010) to address the vulnerabilities exploited by the WannaCry Worm. Mindray has evaluated this patch and is ready to deploy where applicable. If you feel you have been exposed to WannaCry and would like more information, please contact Mindray Technical Support HIS group.
The Petya Malware was first identified in March 2016. Microsoft addressed the vulnerabilities exploited by Petya Malware in the Microsoft Patch (MS17-010). Mindray has evaluated this patch and is ready to deploy where applicable. If you feel you have been exposed to Petya Malware and would like more information, please contact Mindray Technical Support HIS group.
“KRACK” – Key Reinstallation Attacks
A vulnerability in the WPA2 security protocol has recently been acknowledged. This vulnerability, known as “KRACK” for Key Reinstallation Attacks, exposes a weakness in the WPA2 security protocol. The WPA2 protocol is the recommended method for protecting and securing access to Wi-Fi devices. As of this writing, Mindray has not received reports of Mindray devices impacted by this KRACK vulnerability. Mindray is working closely with our suppliers to implement solutions as they become available. If additional information is required, please contact Mindray Technical Support HIS group.
On October 1, 2019 FDA issued a Safety Communications regarding the Urgent/11 Cybersecurity vulnerabilities. These vulnerabilities exist in a third-party software component, IPNet, used for network communications. IPNet is utilized in several real-time operating systems which may be incorporated into some medical devices. Mindray has not and does not use the identified operating systems in any product sold in North America.