Connected medical devices running Windows in hospitals are vulnerable to attack

According to figures in a recent report by cyber security firm CyberMDX, 45% of all networked Windows devices in a typical hospital in the US are vulnerable to the Remote Code Execution flaw known as BlueKeep, because they haven’t been updated or patched.

Obsolete software and unpatched devices put networks at risk of being vulnerable to attack. Connected medical devices can include x-ray and ultrasound equipment and monitors.

We first reported on the BlueKeep exploit (CVE-2019-0708), that affects some older versions of Windows, in May 2019 after alerting Microsoft to the threat. Microsoft issued a critical security fix and the NCSC always recommends that organisations and individuals apply updates.

Microsoft security patches for CVE-2019-0708.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: