Product security service bulletin for Petya

Background

BD is currently monitoring the Petya ransomware occurrence that has been reported to affect companies worldwide. The Petya ransomware uses the same Windows SMBv1 vulnerability similar to WannaCry and takes advantage of unpatched Windows machines. If customers have followed BD guidance on securing products against the WannaCry vulnerability, there is no further action needed. BD is closely monitoring this situation and collaborating with industry stakeholders to ensure appropriate measures are taken to help safeguard our products.

Response

If customers have followed BD guidance on securing products against the WannaCry vulnerability, there is no further action needed. If not, BD recommends the following actions, outlined in our previously posted Product Security WannaCry bulletin, including applying the appropriate Microsoft patches and ensuring appropriate mitigating controls are in place for Microsoft SMB including isolating or blocking use of the network service. The following list shows BD products that may use SMB:

  • Accuri C6 Gen II
  • Accuri C6 Plus
  • FACSAria Fusion
  • FACSAria I/II/III
  • FACSCanto 10-color
  • FACSCanto 10-color clinical
  • FACSCanto II
  • FACSCanto II clinical
  • FACSJazz
  • FACSLyric
  • FACSMelody
  • FACSSample Prep Assistant (SPA) III
  • FACSVerse
  • FACSVia
  • GenCell CliC
  • Influx
  • LSR II
  • LSRFortessa
  • LSRFortessa X-20
  • BD Pyxis MedStation 3500/4000 (Windows XP)
  • BD CUBIE Replenishment Station (Windows XP)
  • BD Pyxis SupplyStation (Windows XP)
  • BD Pyxis StockStation (Windows XP)
  • BD Pyxis ScrubStation (Windows XP)
  • BD Pyxis SpecialtyStation (Windows XP)
  • BD Pyxis ProcedureStation (Windows XP)
  • BD Pyxis CIISafe (Windows XP)
  • BD Totalys SlidePrep
  • BACTEC FX
  • BACTEC FX40
  • BACTEC Touch
  • BD EpiCenter
  • BD Innova
  • BD MAX
  • BD Totalys FocalPoint GS Review Station
  • BD Totalys/Data Innovation PC
  • Kiestra InoqulA Standalone
  • Kiestra TLA/WCA
  • Phoenix M50
  • Totalys Multiprocessor
  • ViperLT

Note: This list provided below does not indicate the patch or device status. The intended use of these products does not include email and/or internet browsing.

For product or site-specific concerns, contact your BD service representative. We will update this communication as new information becomes available.

For procedures specific to your product, contact your BD service representative. If you observe symptoms of a ransomware attack, disconnect your system from the network and contact your BD service representative or the Corporate Product Security Office at ProductSecurity@bd.com.


Last updated on June 30, 2017