Microsoft Windows RDP Vulnerability (CVE-2019-0708) Bulletin

17-May-2019

Stryker is aware of, and is monitoring and assessing, the Microsoft Windows RDP situation. Stryker’s product and global security operations teams are taking precautions to secure Stryker infrastructure and products from this new vulnerability.

A description of CVE-2019-0708 by Microsoft can be found here:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

Stryker has had no reports of this vulnerability being exploited in its infrastructure or affecting clinical use of company products. We are conducting a thorough review and assessment of products utilising Microsoft Operating Systems for potential impacts from these reported vulnerabilities and validating actions. Microsoft has released patches to help remediate these vulnerabilities.

Stryker is committed to the safety and security of our products when operated within Stryker’s approved product specifications. All changes of configuration or software to Stryker products follow change management procedures, are product-specific and are verified & validated. If a product does require security updates, configuration changes or other actions to be taken by our customers specific actions will be made available.

Please refer to the following recommendations of Microsoft regarding this vulnerability.

https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

If you observe unusual symptoms, disconnect your system from the network and contact your Stryker service representative. Stryker will continue to monitor the situation and provide further updates and actions if needed.