Bulletins
BD collaborates with BlackBerry® Cylance® on the integration of CylancePROTECT®, next-generation anti-malware that uses machine learning and artificial intelligence, for certain BD products. We are aware that an issue within CylancePROTECT® has been publicly disclosed by security researchers. This vulnerability could allow an attacker to bypass the anti-malware component of the product, which would allow malware to run on the system.
BD has provided the list, below, in order to better help our customers identify any BD products with workstations running CylancePROTECT®. This list provided, below, is not comprehensive and may be updated as more products are identified. It does not indicate the patch or device status.
- BD Max™
- BD Viper™ LT
- BD EpiCenter™
- BD BACTEC™ FX 40
- BD BACTEC™ FX
- Kiestra™ TLA/WCA
- BD Phoenix™ M50
- BD COR™ system
- BD Assurity Linc™
BD has had no reports of this vulnerability being exploited on a BD product, and is currently working to validate the CylancePROTECT™ solution. Please see the Product Security Patching website for all approved product security patching notifications. Additionally, BD recommends the following for systems that use CylancePROTECT™ to minimize risk and impact:
- Ensure data has been backed up and stored according to your individual processes and disaster recovery procedures.
Customers that maintain patches independent of BD automated delivery should ensure these actions are performed as the acting responsible entity in order to maintain the correct security posture of the system(s).
- Ensure CylancePROTECT™ is upgraded to at least version 2.0.1534
For product or site-specific concerns, contact your BD service representative. If you observe symptoms of this attack, disconnect your system from the network and contact your BD service representative immediately.
https://threatvector.cylance.com/en_us/home/blackberry-cylance-guidance-on-potential-bypass.html