Cette page est destinée à informer les propriétaires d'instruments de diagnostic ophtalmique ZEISS:

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Mise à jour de sécurité

“PrintNightmare” est le nom d'une faille de sécurité affectant les appareils exécutant les systèmes d'exploitation Microsoft Windows. Selon Microsoft, “une vulnérabilité d'exécution de code à distance existe lorsque le service Windows Print Spooler effectue incorrectement des opérations de fichier avec certains privilèges. Un attaquant ayant réussi à exploiter cette vulnérabilité pourrait exécuter du code arbitraire avec les privilèges SYSTÈME. L'attaquant pourrait alors installer des programmes, visualiser, modifier ou supprimer des données, ou créer de nouveaux comptes avec des droits d'utilisateur Illimités."

“PrintNightmare” n'affecte pas la sécurité ou la fonctionnalité de ZEISS produits. Néanmoins, nous vous proposons une mise à jour de sécurité (patch) pour votre appareil afin de combler la faille de sécurité “PrintNightmare”.

ZEISS a vérifié l'impact de cette faille de sécurité sur les produits ZEISS équipés d'un système d'exploitation Windows. Seuls les produits énumérés ci-dessous nécessitent une mise à jour.

Veuillez vous référer au tableau ci-dessous pour les instructions d'installation respectives de la mise à jour afin que la faille de sécurité de votre appareil ZEISS puisse être comblée. Veuillez contacter l'équipe d'assistance locale si vous avez besoin d'aide pour mettre votre appareil ZEISS à jour.

ZEISS CIRRUS

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS CIRRUS 500/5000/6000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS CIRRUS 400/4000/500/5000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS CIRRUS photo

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS CIRRUS photo 600/800

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS CIRRUS photo 600/800

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“)

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS ATLAS

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS ATLAS 9000

Windows 10

Windows 10Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS ATLAS 9000

Windows 7

Windows 7Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS CLARUS 500/700

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS CLARUS 500/700

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS HFA3

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS HFA3

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

Note: the HFA3 is shipped with the instrument running in kiosk mode. To install the patch, disable Kiosk mode (Refer to instructions in the HFA3 IFU to access the Windows desktop), login as the IT Administrator user, run the “Kiosk OFF” shortcut on the desktop, and reboot the instrument.

1. KB5001402
2. KB5004948

ZEISS HFA3

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Note: the HFA3 is shipped with the instrument running in kiosk mode. To install the patch, disable Kiosk mode (Refer to instructions in the HFA3 IFU to access the Windows desktop), login as the IT Administrator user, run the “Kiosk OFF” shortcut on the desktop, and reboot the instrument.

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

 

ZEISS PLEX Elite

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS PLEX Elite 9000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS PLEX Elite 9000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

 

ZEISS PRIMUS 200

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS PRIMUS 200

 

Windows 10: serial numbers starting with 200-3XXXX and 200-5XXXX

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS PRIMUS 200

Windows 7: serial numbers starting with 200-0XXXX and 200-2XXXX

Please contact your Service Technician

N/A

 

ZEISS IOLMaster

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS IOLMaster 500

6. Generation, WinPOS

ZEISS IOLMaster 5.5 / IOLMaster 500 cybersecurity update

Zeiss-IOLMaster500-CVE-2021-34527-Patch.upt

ZEISS IOLMaster 5.5

 

ZEISS IOLMaster 700

 

ZEISS IOLMaster 700 cybersecurity update

IOLMaster700UpdateOperatingSystem.upt

 

ZEISS SL Imaging Solution

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS SL Imaging Solution

SL Imaging Solution

3 Files to download (unpack from zip):

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-10.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt

ZEISS SL Workstation

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS SL Workstation

SL Workstation cybersecurity update

3 Files to download (unpack from zip):

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-7.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt

ZEISS VISUCAM

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS VISUCAM 224

 

VISUCAM cybersecurity update

CVE-2021-34527.zip

ZEISS VISUCAM 524

ZEISS Visucam 200 

Computer 1969-629

ZEISS VISUCAM PRO NM 2 

ZEISS VISUCAM NM/FA 2 

ZEISS VISUCAM 500

ZEISS VISUPAC

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS VISUPAC 500

VISUPAC 500 cybersecurity update

3 Files to download (unpack from zip)

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-7.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt