Customer Information on WannaCry Ransomware for PENTAX Medical Informatics, Speech, Voice, and Swallowing Systems

June 6, 2017

Description
We recognize our Informatics, Speech, Voice and Swallowing Systems are impacted by the WannaCry ransomware virus.  This virus is designed to spread rapidly among computers on the same network, encrypt files on the infected system, empowering the attackers to demand ransom from users to decrypt the files.  Additionally, the WannaCry ransomware includes malware, which allows the attackers a “backdoor” into infected systems for further access.  WannaCry exploits Windows computers that do not have Microsoft Windows Security Patch MS17-010 installed.  In summary, the Microsoft update address vulnerabilities in Microsoft Windows.  The main correction addresses the vulnerability that could allow remote code execution if an attacker sends specific messages to a Microsoft Server Message Block (SMB) 1.0 (SMBv1) server.

Recommendations
We recommend customers to install Microsoft security patch MS17-010 to help safeguard their PENTAX Medical systems listed below.  Proper patch based on the version of windows that are running should be selected.  More details and instructions are on Microsoft’s Security Bulletin at:  https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Systems that support the Microsoft MS17-010 Security Patch


1Windows XP uses SMB 1.0.
2Windows 7 and Windows Server 2008 R2 use SMB 2.1; however, SMB 1.0 is also installed and active by default.
3Windows Server 2012 R2 uses SMB 3.02; however, SMB 1.0 is also installed and active by default
4Windows 10 uses SMB 3.1.1; however, SMB 1.0 is also installed and active by default

In case these products are operated in a stand-alone mode, there is no impact of the ransomware virus and there is no need to apply the security patch.
There is no impact on other products than the listed above.

If you have any questions, please contact your local PENTAX Medical representative.

Sincerely,
PENTAX Medical