Meltdown and Spectre Security Vulnerabilities Statement
February 12, 2018
FUJIFILM Medical Systems U.S.A., Inc. is currently monitoring manufacturer and industry updates related to the publically disclosed Meltdown and Spectre security vulnerabilities. As part of the company’s product security practices, Fujifilm’s Quality Assurance teams are actively evaluating potential impacts on Fujifilm products. Fujifilm has not received any reports of these malware vulnerabilities affecting Fujifilm Medical Informatics or Medical Systems products.
The Spectre and Meltdown vulnerabilities affect many common processors and operating systems. According to industry reports, affected processors include Intel, AMD, and ARM. Also according to industry reports, affected systems include Windows, Linux, Android, Chrome, iOS, and Mac OS running on laptops, embedded devices, servers, clients, mobile phones, etc. While the Spectre vulnerability targets a wide range of processors from multiple manufacturers, Meltdown is limited to processors from Intel.
Microsoft has released update patches for current-generation Windows platforms to help mitigate the Meltdown and Spectre vulnerabilities. Fujifilm has completed testing of the Microsoft patches listed below and approves their implementation for Synapse® PACS, Synapse Cardiovascular, and Synapse RIS products:
- Windows 10 Quality Update KB4056892
- Windows Server 2012 R2 Security Only Update KB4056898
- Windows 7 SP1/Windows Server 2008 R2 Security Only Update KB4056897
For additional details on Microsoft Windows patches for these vulnerabilities, please refer to the Microsoft resources at https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown. For additional details on Microsoft Windows patches’ compatibility with Synapse products, please refer to https://extranet.fujimed.com.
In addition to Microsoft Windows patches, other areas of your datacenter that support Fujifilm Medical Informatics products will also require updates. In particular, virtualized operating systems provided by manufacturers such as VMWare will require updates in the near future. At present, these manufacturers have not released patches for their products related to these vulnerabilities. Fujifilm recommends that you continue to monitor industry and manufacturer updates. Fujifilm will monitor manufacturer updates and may communicate these updates in the future.
Fujifilm is committed to the reliability of its products and to your success as our valued customer. If you have questions about Fujifilm products and the Meltdown and Spectre vulnerabilities, please contact the Fujifilm Technical Assistance center at 800-272-8465.