Security Patches

Microsoft has issued the following statement and customer guidance for the WannaCry attacks: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft has issued the following statement regarding updates planned for the month of February:

Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.

Please refer to the following site for more information: https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/

Current Reports

Merge PACS v6
with Halo Viewer
Merge Cardio 8.30.0, 8.30.2, 9.x, 10.x Security Patch Testing (including Stand-alone HL7 Server and ERD Server) Merge EchoIMS 3.1.0.2 Security Patch Testing Merge Hemo 9.x Workstation and Server Security Patch Testing Merge AIMS 8.3 Security Patch Testing
 

 

Prior Reports

Policy Statement on Off-the-Shelf Software Updates
Comp Server
& DICOM Bridge
DataBridge Merge EchoIMS
Security Patch Testing
Merge EchoIMS
Security Updates
Fusion PACS Fusion RIS Client eFilm Workstation Enterprise Web Server
Matrix Server Matrix Workstation Fusion RIS Server ImageCD
  Merge Cardio 8.30.0, 8.30.2, 9.x, 10.x Security Patch Testing (including Stand-alone HL7 Server and ERD Server) Merge EchoIMS 3.1.0.2 Security Patch Testing Merge Hemo 9.x Workstation and Server Security Patch Testing
 


Merge Cardiology Solutions

Vulnerability Reports: Merge continues its active survey of vendor vulnerability reports and additional information resources in order to remain abreast of threats announced by Microsoft and others. Security Bulletins are released by Microsoft on the second Tuesday monthly. Merge personnel immediately evaluate these bulletins to determine their applicability to our products.


Patch Validation: Once applicable patches are identified, they are tested to make sure they will not adversely affect Merge systems. In the case of patches that are labeled Critical, Merge most often will make them available to customers in less than 5 days.

Internet Email Worms: As we know, these attacks send electronics email messages with malware attachments that clog email systems and, if opened, can sometimes cause harm. Since Merge VERICIS acquisition systems and cardiac data management products are not used for email, these malware attacks will not affect these systems. Our diagnostic workstations are dedicated devices and, though based on a Windows platform, are not configured to, nor intended to operate with a email client.