Product Security Updates


Windows 10 Pro End of Support

Updated July 22, 2024

BACKGROUND

As a part of Cepheid’s commitment to supporting our test menu while ensuring consistent security patch management, we are informing you of Microsoft’s Windows 10 Pro end of support on October 14, 2025. 

For all customers running Windows 10 Pro, Cepheid is recommending an upgrade to Windows 10 IoT Enterprise LTSC 2021 featuring the latest Cepheid product software version which ensures active support with the latest cybersecurity and data privacy protection until January 13, 2032.

Windows 7 OS is no longer actively supported by Microsoft and continued use may introduce potential exposure of data on that computer and any connected device(s) to cybersecurity vulnerabilities. If your system is connected to a Windows 7 OS PC/laptop, an upgrade is strongly recommended. Please see previous communication from Cepheid here

If you have any questions or concerns about transitioning to Windows 10 IoT Enterprise LTSC 2021, please contact your local Cepheid representative. You may also contact Cepheid Technical Support.

We value your continued business and loyalty to our products, appreciate your partnerships, and will continue to strive to work with you on a personalized transition option to our latest and highest quality solutions and technologies. 

 

Critical Vulnerability Notification: CVE-2016-2183 covering OpenSSL vulnerability  

Updated September 17, 2024

BACKGROUND

DES and Triple DES ciphers employed in the TLS, SSH, and IPSec protocols may allow remote attackers to recover cleartext data from a long-duration encrypted session. For more information, please reference the following: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183.

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Cepheid recommends that this update be implemented by your organization’s IT department.

Please follow the steps below to apply the patch:

  1. On the system where the patch needs to be installed, enter “Windows PowerShell” in the Windows search bar and open it as an administrator.
  2. Enter the command Disable-TlsCipherSuite -Name 'TLS_RSA_WITH_3DES_EDE_CBC_SHA' in the Windows PowerShell window.
  3. Press the Enter key on your keyboard.
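
The same change as a script with a before-and-after check, added here as an example (not Cepheid's own code): it finds every enabled cipher suite whose name contains 3DES, disables each one, and reports whether any remain. It assumes an elevated Windows PowerShell session on a Windows build that includes the TLS module cmdlets; the function names are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: check, disable and re-check 3DES cipher suites (CVE-2016-2183).
# Get-Enabled3DesSuite and Disable-3DesCipherSuite are hypothetical helper names.

function Get-Enabled3DesSuite {
    # Get-TlsCipherSuite lists the cipher suites currently enabled on this computer.
    Get-TlsCipherSuite | Where-Object { $_.Name -like '*3DES*' }
}

function Disable-3DesCipherSuite {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $before = @(Get-Enabled3DesSuite)
    foreach ($suite in $before) {
        # -WhatIf on this function previews the change without applying it.
        if ($PSCmdlet.ShouldProcess($suite.Name, 'Disable TLS cipher suite')) {
            Disable-TlsCipherSuite -Name $suite.Name
        }
    }
    $after = @(Get-Enabled3DesSuite)

    # Report what was found and what is still enabled after the change.
    [pscustomobject]@{
        FoundEnabled = @($before | ForEach-Object { $_.Name })
        StillEnabled = @($after  | ForEach-Object { $_.Name })
        Remediated   = ($after.Count -eq 0)
    }
}

# Preview first with: Disable-3DesCipherSuite -WhatIf
Disable-3DesCipherSuite
```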

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Critical Vulnerability Notification: CVE-2013-3900

Updated September 17, 2024

BACKGROUND

CVE-2013-3900 is a WinVerifyTrust vulnerability that affects a remote system and may lead to receipt of specially crafted requests. For more information, please reference the following: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3900.

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Before updating the Windows registry file, Cepheid strongly recommends that you work with your IT group or representative to ensure the update is performed in a manner that does not affect the functioning of the system. If you have any questions or concerns, please contact Cepheid Technical Support.

Cepheid highly recommends backing up the registry and test result data or the database. For instructions on how to shut down the software and back up test result data, please consult the user manual.

Once backup of the registry and database or test data is complete, please follow the steps below:

1. Open "Registry Editor", go to the locations below, and make the following changes:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config]

"EnableCertPaddingCheck"="1"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config]

"EnableCertPaddingCheck"="1"

 

TLS Version 1.0 Protocol Detection & TLS Version 1.1 Weak Protocol Notification

Updated September 17, 2024

BACKGROUND

The remote server accepts connections encrypted using TLS 1.0, which has a number of cryptographic design flaws, and also offers the deprecated TLS 1.1. Both are only mitigated by the newer versions, TLS 1.2 and 1.3.

For more information, please reference the following:

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please enable support for TLS 1.2 and 1.3 while disabling TLS 1.0 or 1.1 which involves a Windows registry update.  

Before updating the Windows registry file, Cepheid strongly recommends that you work with your IT group or representative to ensure the update is performed in a manner that does not affect the functioning of the system. Cepheid highly recommends backing up the registry and test result data or the database. For instructions on how to shut down the software and back up test result data, please consult the user manual.

Once backup of the registry and database or test data is complete, please follow the steps below to apply this change:

  1. Search for "Registry Editor" in the Windows search bar.
  2. Navigate to the path below: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
  3. Under Protocols, create two keys (folders), one for TLS 1.0 and one for TLS 1.1. Note: Right-click Protocols to create a new key.
  4. Under each TLS folder, create two more keys (folders) named Client and Server.
  5. Click the Client folder, right-click the empty space on the right-hand side, and select New > DWORD.
  6. Rename it to "Enabled" and set its value to "0". Note: Create the same value for TLS 1.0 and TLS 1.1, in both the Client and Server folders.
  7. Close the editor.
  8. Open SQL Server Configuration Manager.
  9. Click the SQL Server Services option.
  10. Stop and start the SQL Server (MSSQLSERVER) service.
  11. Close the SQL Server Configuration Manager application.
  12. Download the Nmap tool from Google and install it on the system.
  13. Open a command prompt and enter the command below: nmap -script ssl-enum-ciphers -p 1433 localhost
  14. Press the Enter key on the keyboard.
  15. Verify that only TLS 1.2 and above is displayed in the command prompt.
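
Steps 2 through 6 as a script, added here as an example rather than Cepheid's own tooling: it creates the Client and Server keys for TLS 1.0 and TLS 1.1, sets Enabled to 0 as a DWORD, and reads every value back. It assumes an elevated PowerShell session and a completed registry backup; the function names are hypothetical. The SQL Server restart and the Nmap check in steps 8 through 15 still follow.

```powershell
#Requires -RunAsAdministrator
# Added example: the SCHANNEL registry change from steps 2-6, with a read-back.
# Disable-LegacyTlsProtocol and Get-LegacyTlsProtocolState are hypothetical names.

$ProtocolsRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$Protocols     = 'TLS 1.0', 'TLS 1.1'
$Roles         = 'Client', 'Server'

function Disable-LegacyTlsProtocol {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    foreach ($protocol in $Protocols) {
        foreach ($role in $Roles) {
            $key = Join-Path (Join-Path $ProtocolsRoot $protocol) $role
            if ($PSCmdlet.ShouldProcess($key, 'Set Enabled = 0 (DWORD)')) {
                # Steps 3-4: create the protocol key and its Client/Server subkey.
                if (-not (Test-Path -LiteralPath $key)) {
                    New-Item -Path $key -Force | Out-Null
                }
                # Steps 5-6: DWORD value named Enabled, set to 0.
                New-ItemProperty -LiteralPath $key -Name 'Enabled' -Value 0 `
                    -PropertyType DWord -Force | Out-Null
            }
        }
    }
}

function Get-LegacyTlsProtocolState {
    foreach ($protocol in $Protocols) {
        foreach ($role in $Roles) {
            $key   = Join-Path (Join-Path $ProtocolsRoot $protocol) $role
            $value = $null
            if (Test-Path -LiteralPath $key) {
                $props = Get-ItemProperty -LiteralPath $key -Name 'Enabled' -ErrorAction SilentlyContinue
                if ($props) { $value = $props.Enabled }
            }
            # A missing key or value is reported as not disabled.
            [pscustomobject]@{
                Protocol = $protocol
                Role     = $role
                Enabled  = $value
                Disabled = ($null -ne $value -and $value -eq 0)
            }
        }
    }
}

# Preview first with: Disable-LegacyTlsProtocol -WhatIf
Disable-LegacyTlsProtocol
Get-LegacyTlsProtocolState | Format-Table -AutoSize
```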

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Microsoft SQL Server Unsupported Version

Updated September 17, 2024

BACKGROUND

The installation of a particular version number of Microsoft SQL is no longer supported resulting in no new security patches for the product. The following unsupported installations of Microsoft SQL Server were detected:

  Installed version: 13.0.4259.0 Express Edition

  Install path: C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\Binn

  Instance: MSSQLSERVER

  Minimum supported version: 13.0.6300.2 (2016 SP3)

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please upgrade to a version of Microsoft SQL that is currently supported. The correct Microsoft SQL version for download is available: https://www.microsoft.com/en-us/download/details.aspx?id=103440

The KB article from Microsoft with information on updates is available here: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/sqlserver-2016/servicepack3.

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Microsoft Windows LM / NTLMv1 Authentication Enabled

Updated September 17, 2024

BACKGROUND

The remote host is configured to attempt LM and/or NTLMv1 for outbound authentication, and these protocols employ weak encryption. A remote attacker who is able to read LM or NTLMv1 challenge and response packets could exploit this to get a user's LM or NTLM hash, allowing the attacker to authenticate as that user. For more information, please reference the following: https://www.tenable.com/plugins/nessus/63478.

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Before updating the Windows registry file, Cepheid strongly recommends that you work with your IT group or representative to ensure the update is performed in a manner that does not affect the functioning of the system. If you have any questions or concerns, please contact Cepheid Technical Support.

Cepheid highly recommends backing up the registry and test result data or the database. For instructions on how to shut down the software and back up test result data, please consult the user manual.

Once backup of the registry and database or test data is complete, please follow the steps below:

  1. On the system where the patch needs to be installed, enter "Registry Editor" in the Windows search bar and open Registry Editor.
  2. Go to the location HKLM\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel and set LmCompatibilityLevel to "1".

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Critical Vulnerability Notification: CVE-2024-21409 covering .NET Framework Update Notification

Updated September 17, 2024

BACKGROUND

The Microsoft .NET Framework installation on the remote host is missing a security update and is affected by a remote code execution vulnerability. Additional information can be found on Microsoft’s webpage or the National Vulnerability Database:

CEPHEID PRODUCTS AFFECTED

Dx customers using GeneXpert Dx 6.5 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please download the following updates covering Windows 22H2 for Windows 10 Pro or Windows 22H2 for x64 specific to Windows 10 IoT LTSC.

https://catalog.update.microsoft.com/Search.aspx?q=5036618

Microsoft has announced an October 14, 2025 end of support date for Windows 10 Pro, and Cepheid recommends an upgrade to Windows 10 IoT Enterprise LTSC 2021. If you have any questions or concerns, please contact Cepheid Technical Support or your local representative.

 

Java Update Notification

Updated September 17, 2024

BACKGROUND

The 8u401, 20.3.13, 21.3.9, 11.0.23, 17.0.11, 21.0.3, 22 and perf versions of Java installed on the remote host are affected by multiple vulnerabilities. For more information, a critical patch update advisory can be viewed here: https://www.oracle.com/security-alerts/cpuapr2024.html.

The following CVEs are in scope: CVE-2023-32643, CVE-2023-41993, CVE-2024-20954, CVE-2024-21002, CVE-2024-21003, CVE-2024-21004, CVE-2024-21005, CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094, CVE-2024-21098, CVE-2024-21892

CEPHEID PRODUCTS AFFECTED

Dx customers using GeneXpert Dx 6.5 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please upgrade to the latest patched version of Java 8 that is available at this link below. A restart of the PC or laptop may be required.

https://www.java.com/en/download/

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Apache Log4j 2.16.0 Upgrade Notification 

Updated September 17, 2024

BACKGROUND

Apache Log4j 1.2 is impacted by a remote code execution vulnerability when configured to use JMSAppender.

The following CVEs are in scope: CVE-2021-4104, CVE-2019-17571, CVE-2020-9488, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2023-26464.

CEPHEID PRODUCTS AFFECTED

Dx customers using GeneXpert Dx 6.5 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please ensure you have applied the KB5011644 patch for Microsoft SQL Server to remove log4j-1.2.17 and allow your system to be fully protected from this vulnerability. The correct link can be found below; click ‘Download’ to proceed.

https://www.catalog.update.microsoft.com/Search.aspx?q=KB5011644

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Critical Vulnerability Notification: CVE-2024-4761

Updated September 17, 2024

BACKGROUND

CVE-2024-4761 is a vulnerability impacting Microsoft Edge which may allow a remote party to perform an out-of-bounds memory write through a crafted HTML page. For more information, please reference the following: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4761.

CEPHEID PRODUCTS AFFECTED

Dx customers using GeneXpert Dx 6.5 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please check the current version of Microsoft Edge to ensure it is Microsoft Edge version 124.0.2478.105 or later. Note that allowing Microsoft Windows security updates will automatically enable the patch for affected customers. For further information on how to determine your system’s version of Microsoft Edge, please consult your IT group or follow your organization’s IT governance policies. If you have any questions or concerns, please contact Cepheid Technical Support.

 

Critical Vulnerability Notification: CVE-2016-2183

Updated September 17, 2024

BACKGROUND

CVE-2016-2183 relates to block ciphers within SSL/TLS protocols with a number of cryptographic design flaws, and under specific configurations, a collision attack is possible. For more information, please reference the following: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183.

CEPHEID PRODUCTS AFFECTED

Dx customers using GeneXpert Dx 6.5 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please enable support for TLS 1.2 and/or 1.3 while simultaneously disabling support for TLS 1.0 and/or 1.1 to mitigate this issue as newer versions of TLS 1.2 and 1.3 are designed to protect against these flaws. To enable support:

  1. Go to Control Panel and search for Internet Properties
  2. Go to the Advanced Tab
  3. Uncheck TLS 1.0 and/or TLS 1.1 box
  4. Check TLS 1.2 and/or TLS 1.3 box

If you have any questions or concerns, please contact Cepheid Technical Support.

 

Critical Vulnerability Associated with Windows Permissions

Updated September 17, 2024

BACKGROUND

A Windows service executable with insecure permissions on the remote host may allow an unprivileged user to overwrite it with arbitrary code, resulting in privilege escalation. For more information, please reference the following: https://www.tenable.com/plugins/nessus/65057.

CEPHEID PRODUCTS AFFECTED

Dx customers using GeneXpert Dx 6.5 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Cepheid recommends that this update be implemented by your organization’s IT department.

Please ensure that the following groups do not have permissions to modify or write to the files that contain service executables:

  • Everyone
  • Users
  • Domain Users
  • Authenticated Users

For more detailed information on steps related to this update, please contact Cepheid Technical Support.
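
One way to audit this, added here as an example (not Cepheid's or Tenable's code): the script resolves each Windows service to its executable and lists any Allow rule that gives one of the four groups above a write-type right on that file. It assumes English group names and read access to the service binaries; the function names are hypothetical.

```powershell
# Added example: find service executables writable by the groups listed above.
# English group names are assumed; localized Windows builds use other names.
$BroadGroupPattern = '(^|\\)(Everyone|Users|Domain Users|Authenticated Users)$'

# Rights that let a principal replace a file or change who may replace it.
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
# Get-Acl can also return raw generic rights; include GENERIC_ALL and GENERIC_WRITE.
$WriteMask = $WriteMask -bor 0x10000000 -bor 0x40000000

function Get-ServiceExecutablePath {
    param([string]$PathName)
    # Quoted form:   "C:\Program Files\App\svc.exe" -arg
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    # Unquoted form: C:\Windows\system32\svchost.exe -k netsvcs
    if ($PathName -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Get-WeakServiceExecutable {
    foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
        $exe = Get-ServiceExecutablePath -PathName $svc.PathName
        if (-not $exe -or -not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }

        $acl = Get-Acl -LiteralPath $exe -ErrorAction SilentlyContinue
        if (-not $acl) { continue }

        foreach ($rule in $acl.Access) {
            $isAllow  = $rule.AccessControlType -eq 'Allow'
            $isBroad  = $rule.IdentityReference.Value -match $BroadGroupPattern
            $canWrite = ([int]$rule.FileSystemRights -band $WriteMask) -ne 0
            if ($isAllow -and $isBroad -and $canWrite) {
                [pscustomobject]@{
                    Service    = $svc.Name
                    Executable = $exe
                    Identity   = $rule.IdentityReference.Value
                    Rights     = $rule.FileSystemRights
                    Inherited  = $rule.IsInherited
                }
            }
        }
    }
}

# An empty result means no listed group holds a write-type right on any service binary.
Get-WeakServiceExecutable | Format-Table -AutoSize
```

Rows marked Inherited take their permission from a parent folder, so the fix for those belongs on the folder rather than on the file.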

 

Critical Vulnerability Notification: CVE-2023-36728  

Updated July 15, 2024

BACKGROUND

CVE-2023-36728 is a vulnerability impacting SQL which may lead to denial of service due to Microsoft SQL Server installation on a remote host missing a security update. For more information, please reference the following: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728

CEPHEID PRODUCTS AFFECTED

GeneXpert Xpress customers using GeneXpert Xpress 6.4a software are impacted.

ACTIONS REQUIRED BY CUSTOMERS 

Please ensure you have updated to the relevant version of SQL Server below, which would allow your system to be fully protected from this vulnerability. The correct link can be found below; click ‘Download’ to proceed:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB5029376

Cepheid highly recommends backing up test result data or the database before the patch is installed. For instructions on how to shut down the software and back up test result data, please consult the user manual. For further information regarding installation, please consult your IT group or follow your organization’s IT governance policies. If you have any questions or concerns, please contact Cepheid Technical Support. 

 

Critical Vulnerability Notification: CVE-2013-3900  

Updated July 15, 2024

BACKGROUND

CVE-2013-3900 is a WinVerifyTrust vulnerability that affects a remote system and may lead to receipt of specially crafted requests. 

CEPHEID PRODUCTS AFFECTED

GeneXpert Xpress customers using GeneXpert Xpress 6.4a software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Before updating the Windows registry file, Cepheid strongly recommends that you work with your IT group or representative to ensure the update is performed in a manner that does not affect the functioning of the system. If you have any questions or concerns, please contact Cepheid Technical Support.

Cepheid highly recommends backing up the registry and test result data or the database. For instructions on how to shut down the software and back up test result data, please consult the user manual.

Once backup of the registry and database or test data is complete, please add and enable the registry value EnableCertPaddingCheck:

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config\EnableCertPaddingCheck

For 64-bit OS systems, please add and enable the registry value EnableCertPaddingCheck:

  • HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config\EnableCertPaddingCheck 

More information on how to update registry keys can be found here:
https://learn.microsoft.com/en-us/answers/questions/1182542/cve-2013-3900-winverifytrust-signature-validation
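
A read-only check for the registry change described in both CVE-2013-3900 notices on this page (GeneXpert Xpertise 6.8 and GeneXpert Xpress 6.4a), added here as an example and not Cepheid's own code: it reports whether EnableCertPaddingCheck exists and equals 1 under each of the two keys, along with the value's registry type. The function name is hypothetical.

```powershell
# Added example: report EnableCertPaddingCheck under both Wintrust\Config keys.
# Run from 64-bit PowerShell on a 64-bit OS; a 32-bit process is redirected to
# Wow6432Node for both paths. On a 32-bit OS the second key is expected to be missing.
$WintrustConfigKeys = @(
    'HKLM:\Software\Microsoft\Cryptography\Wintrust\Config',
    'HKLM:\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config'
)
$ValueName = 'EnableCertPaddingCheck'

function Get-CertPaddingCheckState {
    foreach ($key in $WintrustConfigKeys) {
        $state = 'KeyMissing'
        $raw   = $null
        $kind  = $null

        if (Test-Path -LiteralPath $key) {
            $item = Get-Item -LiteralPath $key
            if ($item.GetValueNames() -contains $ValueName) {
                $raw  = $item.GetValue($ValueName)
                $kind = $item.GetValueKind($ValueName)
                # Compare as text so a string "1" and a numeric 1 are both accepted.
                $state = if ("$raw" -eq '1') { 'Enabled' } else { 'NotEnabled' }
            }
            else {
                $state = 'ValueMissing'
            }
        }

        [pscustomobject]@{
            Key   = $key
            State = $state
            Value = $raw
            Type  = $kind
        }
    }
}

Get-CertPaddingCheckState | Format-List
```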

 

Internet Explorer & Adobe Reader Version Update Notification  

Updated July 15, 2024

BACKGROUND 

This notification is to inform you of recommended configuration updates to programs on your system. 

Adobe Reader: Adobe has released a planned update to Reader in 2024.

Internet Explorer: Microsoft has ended support for Internet Explorer as of June 15, 2022.

CEPHEID PRODUCTS AFFECTED

GeneXpert Xpress customers using GeneXpert Xpress 6.4a software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

For Adobe Reader, please ensure the latest updates to Adobe Reader are downloaded. After launching Reader, choose ‘Help’ > ‘Check for Updates’ and follow the steps in the Update window to download and install the latest updates. Alternatively, installers can be found here: https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/classic/dcclassic20.005feb2024.html.

For Internet Explorer, please complete the following configuration changes on your system:

  1. Select Windows logo key+R.
  2. In the Run dialog box, enter OptionalFeatures.exe, and then select OK.
  3. In the Windows Features dialog box, clear the checkbox for the installed version of Internet Explorer. For example, find Internet Explorer 11 and then clear its checkbox.
  4. Select OK.
  5. Restart the computer.

If you are still running Windows 7 or have any questions or concerns, please contact Cepheid Technical Support.

 

Critical Vulnerability Notification: CVE-2023-36042 .NET framework denial of service vulnerability  

Updated May 22, 2024

BACKGROUND

CVE-2023-36042 is a vulnerability that affects .NET framework 3.5 and 4.8 which may lead to denial of service. For more information, please reference the following: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36042

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS 

Please ensure you have downloaded the Microsoft Windows January 2024 Security Update which would allow your system to be fully protected from this vulnerability. Customers with automatic updates do not need to take further action.

If you have not yet automated Windows updates, select Start > Settings > Update & Security > Windows Update and then select ‘Check for updates’. 

Cepheid highly recommends backing up test result data or the database using the Xpertise Application before the patch is installed. For instructions on how to shut down the Xpertise software and back up test result data, please consult the user manual. For further information regarding installation, please consult your IT group or follow your organization's IT governance policies.

If you are still running Windows 7 or have any questions or concerns, please contact Cepheid Technical Support.  

 

Windows 10 Security Update 5033372  

Updated May 22, 2024

BACKGROUND

This notice is to inform you that Cepheid has validated Microsoft Security Update 5033372 to support the Windows OS build.   

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please ensure you have downloaded the latest Microsoft Windows Security Update which would allow your system to be fully protected from this vulnerability. Customers with automatic updates do not need to take further action.

If you have not yet automated Windows updates, select Start > Settings > Update & Security > Windows Update and then select ‘Check for updates’. 

Cepheid highly recommends backing up test result data or the database using the Xpertise Application before the patch is installed. For instructions on how to shut down the Xpertise software and back up test result data, please consult the user manual. For further information regarding installation, please consult your IT group or follow your organization's IT governance policies.

If you are still running Windows 7 or have any questions or concerns, please contact Cepheid Technical Support.  

 

Critical Vulnerability Notification: CVE-2011-1353  

Updated May 22, 2024

BACKGROUND 

CVE-2011-1353 is a vulnerability that resides in Adobe Reader 10.x before 10.1.1 on Windows allowing local users to potentially gain privileges through unknown vectors. For more information, please reference the following: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1353

CEPHEID PRODUCTS AFFECTED

Infinity customers using GeneXpert Xpertise 6.8 software are impacted.

ACTIONS REQUIRED BY CUSTOMERS

Please ensure the latest updates to Adobe Reader are downloaded. After launching Reader, choose ‘Help’ > ‘Check for Updates’ and follow the steps in the Update window to download and install the latest updates. 

Cepheid highly recommends backing up test result data or the database using the Xpertise Application before the patch is installed. For instructions on how to shut down the Xpertise software and back up test result data, please consult the user manual. For further information regarding installation, please consult your IT group or follow your organization's IT governance policies.

If you are still running Windows 7 or have any questions or concerns, please contact Cepheid Technical Support.  

 

Critical Vulnerability Notification: CVE-2023-4863 Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2

Updated December 5, 2023

BACKGROUND

The National Vulnerability Database is tracking vulnerability CVE-2023-4863 which resides in Chromium Open Source Software (OSS) and is used to render webp images. The library is widely incorporated in web browsers which use the libwebp library, including Microsoft Edge, Google Chrome, and Mozilla Firefox. The vulnerability enables a remote attacker to perform an out-of-bounds memory write via a crafted HTML page which may result in the execution of code that could potentially compromise systems.

CEPHEID PRODUCTS AFFECTED

The default browser used on Cepheid products is either Microsoft Internet Explorer or Edge. Cepheid does not ship our products with Google Chrome or Firefox web browsers and Microsoft Internet Explorer is not affected by this vulnerability. In addition, the Operator Manuals for our software include instructions not to install non-standard applications nor change settings for default applications shipped with computers or tablets.

ACTIONS REQUIRED BY CUSTOMERS

Remove and discontinue use of any unauthorized web browsers, including Google Chrome or Firefox. Check the current version of Microsoft Edge to ensure the version is Microsoft Edge (Stable) version 117.0.2045.31 or later. Note that allowing Microsoft Windows security updates will automatically enable the patch for affected customers. For further information on how to determine your system’s version of Microsoft Edge, please consult your IT group or follow your organization's IT governance policies.

If you have any questions or concerns, please contact Cepheid technical support or one of the phone numbers/email addresses in your region.

 

Microsoft SQL Server 2016 Service Pack 3 on Windows 10 operating system running GeneXpert Xpertise 6.8 Software on Infinity Systems

Updated December 5, 2023

BACKGROUND

This notice is to inform you that Cepheid has validated Microsoft SQL Server 2016 Service Pack 3 (KB5003279) for Infinity customers using GeneXpert Xpertise 6.8 software.

ACTIONS REQUIRED BY CUSTOMERS

The following Microsoft SQL Server 2016 Service Pack 3 is safe to install on the system running GeneXpert Xpertise 6.8 software:

• MS SQL Server 2016 Service Pack 3 (KB5003279) from https://www.microsoft.com/en-us/download/details.aspx?id=103440

Cepheid recommends shutting down the Xpertise software prior to performing the patch. A backup of the database using the Xpertise Application before the patch is installed is also highly recommended. For instructions on how to shut down the Xpertise software and back up the Xpertise software and user data, please consult the user manual. For further information regarding installation, please consult your IT group or follow your organization's IT governance policies.

End of Windows 7 Cybersecurity Support for GeneXpert® Systems

Updated June 30, 2023

BACKGROUND

Microsoft ended Windows 7 Operating System (OS) support in January 2020, discontinuing patches and updates. Consequently, Cepheid is no longer able to support the latest cybersecurity and privacy standards on Windows 7 OS computers. Your instrument software and current tests will continue to work with Windows 7 OS. However, as of June 30, 2023 all future GeneXpert Dx, Infinity Xpertise, or Xpert Check software releases (the GeneXpert systems) will not be compatible with Windows 7 OS.

For More Information, please see here

 

Log4Shell (Apache Log4j)

Updated July 8th, 2022

BACKGROUND

On December 10, 2021, a critical vulnerability (CVE-2021-44228) was reported in Apache Log4j. The vulnerability impacts multiple versions of the Apache Log4j utility and the applications that use it. The vulnerability allows an attacker to execute arbitrary code.

RESPONSE

Cepheid teams have successfully analyzed and addressed the potential security risk to our product portfolio, in the form of a revised software patch. Communication has been sent out to all the customers that may benefit from the software patch, outlining the process to request the patch. Customers are encouraged to request the patch for a more secure user experience.

Individuals or organizations with additional product security concerns are encouraged to contact their local Cepheid Technical support team at techsupport@cepheid.com or email productsecurity@cepheid.com

 

PrintNightmare Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527, CVE-2021-36947, CVE-2021-36936, CVE-2021-34483, CVE-2021-34481, CVE-2021-36958)

Updated September 14th, 2021

BACKGROUND

On July 6th, 2021, Microsoft released a patch for a critical Remote Code Execution vulnerability to address CVE-2021-34527. The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system. Since then, multiple CVE’s have been added as part of the combined “PrintNightmare” vulnerability, along with additional patches.

This vulnerability impacts all Windows operating systems.

RESPONSE

Cepheid’s research and development teams are analyzing the Microsoft patches for CVE-2021-34527, CVE-2021-36947, CVE-2021-36936, CVE-2021-34483, CVE-2021-34481 for impact to affected products.

 

CryptoAPI

Updated January 20th, 2020

BACKGROUND

On January 14, 2020, Microsoft released patches to remediate 49 vulnerabilities within their monthly Patch Tuesday announcement. Amongst the available patches is one for the vulnerability (CVE-2020-0601) affecting Microsoft Windows cryptographic functionality known as Windows CryptoAPI. The vulnerability affects GeneXpert systems running on Windows 10 Professional.

RESPONSE

Cepheid is aware of this identified vulnerability and is currently monitoring related developments. Cepheid has not received any reports of these vulnerabilities affecting the clinical use of our products and is evaluating the potential impact of the vulnerability on its products.

Cepheid has not yet confirmed compatibility of its GeneXpert systems with patches that mitigate CVE-2020-0601. The compatibility testing process is underway, and we expect it to be completed within the next several weeks.   

If you would like to be notified when compatibility testing is completed, please contact your local Cepheid Technical support team or email productsecurity@cepheid.com.

DejaBlue

September 13th, 2019

BACKGROUND

On August 13, 2019 Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.

The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.

Windows XP, Windows Server 2003, and Windows Server 2008 are not affected, nor is the Remote Desktop Protocol (RDP) itself affected.

RESPONSE

Cepheid has validated the installation of the following Microsoft patches for its GeneXpert systems and where appropriate, developed specific customer instructions for those systems. For detailed information on each Cepheid product, please see product list below.

If you have any questions, please contact your local Cepheid Technical support team or email productsecurity@cepheid.com.

Software Version: GeneXpert Dx
Patch Location:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
Additional Steps: Install patch for your operating system and build; restart computer

Software Version: Xpertise G1
Patch Location:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
Additional Steps: Install patch for your operating system and build; restart computer

Software Version: Xpertise G2
Patch Location:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
Additional Steps: Install patch for your operating system and build; restart computer

Software Version: GeneXpert Xpress
Patch Location:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
Additional Steps: Install patch for your operating system and build; restart computer

Software Version: Cepheid Link
Patch Location:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
Additional Steps: Install patch for your operating system and build; restart computer

Software Version: XpertCheck
Patch Location:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
Additional Steps: Install patch for your operating system and build; restart computer

CVE-2019-0708 Remote Desktop Protocol Vulnerability (BlueKeep)

Updated July 25th, 2019

BACKGROUND

On May 15th, 2019, Microsoft released a patch for a critical Remote Code Execution vulnerability in Remote Desktop Services (CVE-2019-0708). CVE-2019-0708 is a vulnerability, not a virus. This vulnerability can be exploited remotely without authentication on systems that use Remote Desktop Services as part of Windows XP and Windows 7.

RESPONSE

Cepheid has validated the installation of the Microsoft patch for CVE-2019-0708 and, where appropriate, developed specific customer instructions for those systems. For detailed information on each Cepheid product, please see the product list below.

If you have any questions, please contact your local Cepheid Technical support team or email productsecurity@cepheid.com.

Product Line: Dx SW
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Product Line: Xpertise SW - G1
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Product Line: Xpertise SW - G2
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Product Line: Xpress
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Product Line: ONCore
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Product Line: Cepheid Link
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Product Line: XpertCheck
Patch Location:
Win XP: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708
Win 7: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Additional Steps: Restart PC after installation of patch

Updated June 13th, 2019

RESPONSE

Cepheid is aware of this identified vulnerability and is currently monitoring related developments. Cepheid has not received any reports of this vulnerability affecting the clinical use of our products and is evaluating the potential impact of the vulnerability on its products.

Cepheid has not yet confirmed compatibility of its GeneXpert systems with patches that mitigate CVE-2019-0708. The compatibility testing process is underway, and we expect it to be completed within the next several weeks.

If you would like to be notified when compatibility testing is completed, please contact your local Cepheid Technical support team or email productsecurity@cepheid.com.