This page is to inform owners of ZEISS Ophthalmic Diagnostics Instruments about:

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update

PrintNightmare is a vulnerability affecting Microsoft Windows operating systems (OS). As stated on Microsoft’s web site : “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.“

PrintNightmare does not affect safety and performance on any of the ZEISS devices. However, ZEISS recommends updating devices with the Microsoft patch and/or registry settings, as applicable, to ensure continued cybersecurity.

ZEISS has analyzed the impact of the vulnerability on ZEISS products running Windows OS and only devices listed below must run the update.

Refer to the table below for the respective update instructions to close this vulnerability for your corresponding ZEISS device. Please contact your local service team if you need support updating your device.

ZEISS CIRRUS

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS CIRRUS 500/5000/6000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS CIRRUS 400/4000/500/5000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS CIRRUS photo

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS CIRRUS photo 600/800

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS CIRRUS photo 600/800

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“)

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS ATLAS

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS ATLAS 9000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS ATLAS 9000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS CLARUS 500/700

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS CLARUS 500/700

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS HFA3

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS HFA3

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

Note: the HFA3 is shipped with the instrument running in kiosk mode. To install the patch, disable Kiosk mode (Refer to instructions in the HFA3 IFU to access the Windows desktop), login as the IT Administrator user, run the “Kiosk OFF” shortcut on the desktop, and reboot the instrument.

1. KB5001402
2. KB5004948

ZEISS HFA3

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Note: the HFA3 is shipped with the instrument running in kiosk mode. To install the patch, disable Kiosk mode (Refer to instructions in the HFA3 IFU to access the Windows desktop), login as the IT Administrator user, run the “Kiosk OFF” shortcut on the desktop, and reboot the instrument.

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

 

ZEISS PLEX Elite

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS PLEX Elite 9000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS PLEX Elite 9000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

 

ZEISS PRIMUS 200

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS PRIMUS 200

 

Windows 10: serial numbers starting with 200-3XXXX and 200-5XXXX

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS PRIMUS 200

Windows 7: serial numbers starting with 200-0XXXX and 200-2XXXX

Please contact your Service Technician

N/A

 

ZEISS IOLMaster

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS IOLMaster 500

6. Generation, WinPOS

ZEISS IOLMaster 5.5 / IOLMaster 500 cybersecurity update

Zeiss-IOLMaster500-CVE-2021-34527-Patch.upt

ZEISS IOLMaster 5.5

6. Generation, WinPOS

ZEISS IOLMaster 5.5 / IOLMaster 500 cybersecurity update

Zeiss-IOLMaster500-CVE-2021-34527-Patch.upt

 

ZEISS IOLMaster 700

 

ZEISS IOLMaster 700 cybersecurity update

IOLMaster700UpdateOperatingSystem.upt

 

ZEISS SL Imaging Solution

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS SL Imaging Solution

SL Imaging Solution

3 Files to download (unpack from zip):

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-10.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt

ZEISS SL Workstation

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS SL Workstation

SL Workstation cybersecurity update

3 Files to download (unpack from zip):

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-7.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt

ZEISS VISUCAM

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS VISUCAM 224

 

VISUCAM cybersecurity update

CVE-2021-34527.zip

ZEISS VISUCAM 524

ZEISS Visucam 200 

Computer 1969-629

ZEISS VISUCAM PRO NM 2 

ZEISS VISUCAM NM/FA 2 

ZEISS VISUCAM 500

ZEISS VISUPAC

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS VISUPAC 500

VISUPAC 500 cybersecurity update

3 Files to download (unpack from zip)

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-7.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt