Product Security Updates
PrintNightmare Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527, CVE-2021-36947, CVE-2021-36936, CVE-2021-34483, CVE-2021-34481, CVE-2021-36958)
Updated Septemer 14th, 2021
On July 6th, 2021, Microsoft released a patch for a critical Remote Code Execution vulnerability to address CVE-2021-34527. The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system. Since then, multiple CVE’s have been added as part of the combined “PrintNightmare” vulnerability, along with additional patches.
This vulnerability impacts all windows operating systems.
Cepheid’s research and development teams are analyzing the Microsoft patches for CVE-2021-34527, CVE-2021-36947, CVE-2021-36936, CVE-2021-34483, CVE-2021-34481 for impact to affected products.
January 20th, 2020
On January 14, 2020, Microsoft released patches to remediate 49 vulnerabilities within their monthly Patch Tuesday announcement. Amongst the available patches, is the vulnerability (CVE-2020-0601) affecting Microsoft Windows cryptographic functionality known as Windows CryptoAPI. The vulnerability affects GeneXpert systems running on Windows 10 Professional.
Cepheid is aware of this identified vulnerability and is currently monitoring related developments. Cepheid has not received any reports of these vulnerabilities affecting the clinical use of our products and is evaluating the potential impact of the vulnerability on its products.
Cepheid has not yet confirmed compatibility of its GeneXpert systems with patches that mitigate CVE-2020-0601. The compatibility testing process is underway, and we expect it to be completed within the next several weeks.
If you would like to be notified when compatibility testing is completed, please contact your local Cepheid Technical support team or email firstname.lastname@example.org.
September 13th, 2019
On August 13, 2019 Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.
The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.
Windows XP, Windows Server 2003, and Windows Server 2008 are not affected, nor is the Remote Desktop Protocol (RDP) itself affected.