BD is aware of and currently monitoring a remote code execution vulnerability in the Microsoft Windows Print spooler service, known as PrintNightmare, affecting all versions of Microsoft Windows Operating Systems. This third-party vulnerability is not specific to BD or our products. BD is providing this update to let customers know which BD products could be affected by this third-party vulnerability.
BD has not received any reports of this vulnerability being exploited on BD products.
The product list below identifies existing BD products that are in scope of this Microsoft vulnerability. The list may be updated as more products are identified. In addition, this list does not indicate the patch or device status. Please check back periodically for updates.
The BD products listed below are in scope for CVE-2021-34527:
BD is currently working to test and validate the patch(es) for BD products that use the affected third-party software. Please refer to the Bulletins and Patches page for all approved product security patching notifications.
Additionally, BD recommends the following compensating controls for customers using BD products in scope:
Customers that maintain patches independent of BD automated delivery should ensure these actions are performed as the acting responsible entity to maintain the correct security posture of the system(s) and ensure the proper Windows Print spooler service patches have been applied:
For product-or site-specific concerns, contact your BD service representative. If you believe a BD device on your network has been impacted by this third-party vulnerability, disconnect the device from the network and contact your BD service representative immediately.