May 15, 2019
BD is aware of and currently monitoring the Remote Desktop Services Remote Code Execution vulnerability. This vulnerability was announced by Microsoft on May 14, 2019. This vulnerability affects any systems that use Remote Desktop Services for Windows XP, Windows 7, Windows 2003 and Windows 2008.
Apr 17, 2019
Microsoft will end support for the Windows 7 Operating System (OS) after January 14, 2020 and for Windows Embedded Standard 7 Service Pack 1 on October 13, 2020. As a result, Microsoft will no longer provide security updates or support for devices running Windows 7.
Jan 29, 2019
Administrator Account Enabled in BD FACSLyric™ Cell Analyzer Systems with Windows 10 Professional
Jan 24, 2019
BD is aware of a Microsoft Windows vulnerability in the task scheduler, which could allow malicious attackers to gain elevated system privileges, if compromised. This vulnerability identified a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface. It has been observed targeting fully patched Microsoft Windows 10 64-bit and Windows Server 2016 operating systems. This is not a BD-specific vulnerability, and there have been no reports of a BD product being affected by this vulnerability.
Oct 2, 2018
This notification provides product security information and recommendations related to a product security vulnerability found in the following BD Kiestra Systems: BD Kiestra TLA, BD Kiestra WCA and BD InoqulA+ specimen processor. The contents of this notification will be disclosed publicly on the BD Product Security website (www.bd.com/productsecurity) and is voluntarily reported by BD with Information Sharing and Analysis Organizations (ISAOs) where BD participates, including the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and the National Health Information Sharing and Analysis Center (NH-ISAC) to optimally reach past and present customers.
Aug 23, 2018
BD has been made aware of a potential vulnerability that can impact various Alaris™ Syringe Pumps sold and used outside of the United States. If exploited, this vulnerability may allow an attacker to gain remote access to devices when connected to a terminal server via the serial port. This potential vulnerability does not affect the Alaris™ Syringe Module sold in the United States.
Aug 9, 2018
BD is aware of a Trojan called Kwampirs, which allows malicious attackers remote access into a compromised computer. This is not a BD-specific vulnerability, and there have been no reports of a BD product being affected by Kwampirs. It has been observed targeting common legacy Microsoft Windows operating systems. Kwampirs affects those systems with enabled network shared drives, outdated or no malware protection and any version of the Microsoft Windows Operating System.
Jun 7, 2018
The set of vulnerabilities disclosed have been called Key Reinstallation attACKs (KRACK), which if exploited can potentially affect all business industries including the healthcare industry. "KRACK" allows data traffic manipulation resulting in partial disclosure of encrypted communication or injection of data into it. However, for KRACK to be successfully exploited an attacker would have to be within physical range of an affected Wi-Fi access point and client.
Mar 23, 2018
BD is currently monitoring the Meltdown and Spectre vulnerabilities. While these vulnerabilities are hardware-based, they impact multiple operating systems. A flaw in computer processing units (CPU) could allow malicious software to gain access to other processes and data on any impacted computer or server, including cloud applications. These vulnerabilities are not exclusive to BD or medical devices. They potentially affect every computer and/or device with a CPU, specifically certain Intel™ chips, AMD™ and ARM processors.
Feb 12, 2018
This notification provides product security information and recommendations related to BD FACSDiva software. BD FACSDiva software is a collection of rich tools for flow cytometer and application setup, data acquisition, and data analysis that help streamline flow cytometry workflows for today's busy laboratory.