The following letter was issued concerning the WannaCry ransomware attack in May 2017. The directions provided to protect your system also apply to the June 2017 Petya ransomware attack.
May 18, 2017
Dear Valued Customer,
This letter is to raise your awareness of a new ransomware referred to as “Wannacry” that was introduced globally on May 12, 2017 targeting all Microsoft Windows® operating systems. If your system is infected, this ransomware will encrypt the data files on the infected system and request a ransom to release the encrypted data files. If you have a system in your facility that is affected by this ransomware, bioMérieux , Inc. recommends you immediately disconnect the system from your network and contact your local IT department for further guidance.
We are currently in the process of implementing action plans with our customers to help guide them through the proper steps required to minimize risk and exposure from this ransomware for systems supporting bioMérieux, Inc. instrumentation.
Microsoft has released a security patch for the WannaCry ransomware vulnerability specific to each Windows Operating System version. Listed below are the Windows Operating Systems versions and appropriate patches.
Windows XP:
The only patch available for Windows XP is KB4012598
Windows 7 & Windows Server 2008:
Microsoft released a monthly security patch in March, 2017 to fix the WannaCry vulnerability. Each consecutive monthly security patch includes fixes from previous monthly patches. Your IT department only needs to install 1 of the 4 patches listed below to be protected.
KB4012212 (Released March, 2017)
KB4012215 (Released March, 2017)
KB4015549 (Released April, 2017)
KB4019264 (Released May, 2017)
Windows Embedded Standard 7 (32 bit) | Windows XP Embedded Service Pack 3 |
Windows Server 2008 (64-bit) | |
Windows 7 & Windows Server 2008:
Windows Embedded Standard 7:
Windows Server 2008:
Windows XP:
If the current Microsoft patches are not installed on the bioMérieux, Inc. systems, we recommend you work with your IT department to apply the appropriate patch using the directions listed below.
NOTE: After applying the patch to the MYLA® server, please use the RESTART shortcut on the server desktop. This insures MYLA services are closed properly.
To ensure additional protection from this ransomware and future attacks, bioMérieux, Inc. will not access this system remotely until we have confirmation from you that the appropriate security patch has been applied. Troubleshooting support will be provided through verbal instruction or on-site support as deemed necessary by bioMérieux, Inc.
bioMérieux, Inc. is dedicated to ongoing product improvements in order to provide you with innovative diagnostic solutions and services that improve public health. If you have any questions, please contact your local bioMérieux, Inc. Clinical Customer Service organization at (800) 682-2666.
Sincerely,
US Commercial Operations
bioMérieux, Inc.