Oct 1, 2019
This product secuity bulliten describes the Interpeak IPNET TCP IP stack vulnerability
Sep 5, 2019
This notification applies to the BD Pyxis™ ES system products listed below for customers whose products are connected directly to a hospital domain and utilize Microsoft's Active Directory.
Jul 15, 2019
In line with our commitment to continuously improve patient care, BD offers our customers innovative solutions for collecting and analyzing infusion information from the Alaris System.
Jun 13, 2019
BD has been made aware of a potential vulnerability that can impact the Alaris™ Gateway Workstation (Workstation). If exploited, this vulnerability may allow an attacker with malicious intention to remotely install unauthorized firmware. These products are not sold or used in the United States.
Jun 13, 2019
BD has been made aware of a potential vulnerability that can impact Web Browser User Interface on the Alaris™ Gateway Workstation, standalone configuration only. If exploited, this vulnerability may allow an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to specified information on the Web Browser User Interface.
May 15, 2019
BD is aware of and currently monitoring the Remote Desktop Services Remote Code Execution vulnerability. This vulnerability was announced by Microsoft on May 14, 2019. This vulnerability affects any systems that use Remote Desktop Services for Windows XP, Windows 7, Windows 2003 and Windows 2008.
Apr 17, 2019
Microsoft will end support for the Windows 7 Operating System (OS) after January 14, 2020 and for Windows Embedded Standard 7 Service Pack 1 on October 13, 2020. As a result, Microsoft will no longer provide security updates or support for devices running Windows 7.
Jan 29, 2019
Administrator Account Enabled in BD FACSLyric™ Cell Analyzer Systems with Windows 10 Professional
Jan 24, 2019
BD is aware of a Microsoft Windows vulnerability in the task scheduler, which could allow malicious attackers to gain elevated system privileges, if compromised. This vulnerability identified a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface. It has been observed targeting fully patched Microsoft Windows 10 64-bit and Windows Server 2016 operating systems. This is not a BD-specific vulnerability, and there have been no reports of a BD product being affected by this vulnerability.
Oct 2, 2018
This notification provides product security information and recommendations related to a product security vulnerability found in the following BD Kiestra Systems: BD Kiestra TLA, BD Kiestra WCA and BD InoqulA+ specimen processor. The contents of this notification will be disclosed publicly on the BD Product Security website (www.bd.com/productsecurity) and is voluntarily reported by BD with Information Sharing and Analysis Organizations (ISAOs) where BD participates, including the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and the National Health Information Sharing and Analysis Center (NH-ISAC) to optimally reach past and present customers.