Bulletins
BD is monitoring the developing situation with a large-scale ransomware attack that is affecting healthcare facilities across the globe. The "WannaCry" ransomware encrypts all files on affected computers and demands the administrator pay a ransom in order to regain control of those files. If affected, healthcare providers may lose access to patient files and experience major IT disruption and delays. At this time, we are actively monitoring the situation and working closely with customers to ensure the appropriate measures are taken to help safeguard our products.
As a result of these events, BD recommends the following for systems running a Microsoft® Windows® operating systems with any form of network connectivity to minimize risk and impact:
- Ensure the following Microsoft patches have been applied to your devices:
- Microsoft Malware Protection Engine: CVE-2017-0290 version 1.1.13701.0 and earlier
Microsoft operating systems include Windows XP, Windows 7, Windows 8 and Windows Server 2003. Windows 10 was not targeted by the attack.
- Microsoft Malware Protection Engine: CVE-2017-0290 version 1.1.13701.0 and earlier
- Ensure appropriate mitigating controls are in place for Microsoft Windows SMB.
- Ensure your data has been backed up and stored according to your individual process and disaster recovery procedures are in place.
- Updates to malware protection, where available
BD has provided the list below in order to better help our customers identify any BD products running Microsoft Windows operating systems with potential network connectivity. This list provided below does not indicate the patch or device status.
- Alaris Systems Manager
- BD Accuri C6 Gen II
- BD Accuri C6 Plus
- BD Alaris Server
- BD BACTEC FX
- BD BACTEC FX40
- BD BACTEC Touch
- BD Cato
- BD EpiCenter
- BD FACS Aria Fusion
- BD FACS Aria I/II/III
- BD FACS Canto 10-color
- BD FACS Canto 10-color clinical
- BD FACS Canto II
- BD FACS Canto II clinical
- BD FACS Celesta
- BD FACS Jazz
- BD FACS Link Interface
- BD FACS Lyric
- BD FACS Sample Prep Assistant (SPA) III
- BD FACS Verse
- BD FACS Via
- BD GenCell CliC
- BD Influx
- BD Innova
- BD Kiestra InoqulA
- BD Kiestra TLA
- BD LSR II
- BD LSRFortessa
- BD LSRFortessa X-20
- BD MAX
- BD Phoenix M50
- BD Totalys DataLink
- BD Totalys FocalPoint GS Review Station
- BD Totalys Multiprocessor
- BD Totalys SlidePrep
- BD Totalys/Data Innovation PC
- BD ViperLT
- Pyxis Anesthesia System
- Pyxis CIISafe
- Pyxis Connect
- Pyxis MedStation System
- Pyxis PARx System
- Pyxis Pharmogistics Inventory Management
- Pyxis ProcedureStation
- Pyxis StockStation
- Pyxis SupplyStation
- Rowa Dose
- Rowa Vmax System
For product or site-specific concerns, contact your BD service representative. Note: The intended use of these products does not include email and/or internet browsing.
For procedures specific to your product, contact your BD service representative. If you observe symptoms of this ransomware attack, disconnect your system from the network and contact your BD service representative or the Corporate Product Security Office at ProductSecurity@bd.com.
For additional technical details and indicators associated with this ransomware, review US-CERT Alert (TA17-132A).