Esta página é para informar os proprietários dos Instrumentos de Diagnóstico Oftalmológico ZEISS:

Microsoft Windows Print Spooler Vulnerabilidade CVE-2021-34527 ("PrintNightmare") Atualização de Cybersecurity

“PrintNightmare” é o nome de uma falha de segurança que atinge dispositivos que funcionam com sistemas operacionais Microsoft Windows. Segundo a Microsoft, “Há uma vulnerabilidade de execução de código remoto quando o serviço Windows Print Spooler executa operações de arquivo de forma indevida com determinadas permissões. Um invasor poderia explorar com sucesso esta vulnerabilidade e executar códigos arbitrários com permissões do sistema. O invasor poderia instalar programas, visualizar dados, modificar ou excluir ou criar novas contas com direitos de usuário ilimitados.“

O “PrintNightmare” não prejudica a segurança nem o funcionamento dos produtos ZEISS. Contudo, oferecemos uma atualização de segurança (Patch) para o seu dispositivo, a fim de solucionar a vulnerabilidade causada pelo “PrintNightmare”.

A ZEISS verificou quais os efeitos da vulnerabilidade de segurança nos produtos ZEISS com sistema operacional Windows. Apenas os produtos listados abaixo requerem uma atualização.

Consulte a tabela abaixo para obter as respectivas instruções de instalação para a atualização, de modo que a vulnerabilidade de segurança em seu dispositivo ZEISS possa ser solucionada. Entre em contato com a equipe de suporte local caso precise de ajuda para atualizar seu dispositivo ZEISS.

ZEISS CIRRUS

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS CIRRUS 500/5000/6000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS CIRRUS 400/4000/500/5000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS CIRRUS photo

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS CIRRUS photo 600/800

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS CIRRUS photo 600/800

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“)

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS ATLAS

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS ATLAS 9000

Windows 10

Windows 10Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS ATLAS 9000

Windows 7

Windows 7Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

ZEISS CLARUS 500/700

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS CLARUS 500/700

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS HFA3

Model OS Link to Instructions for Updating ZEISS Device
Link to Download (use Internet Explorer or Edge)

ZEISS HFA3

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

Note: the HFA3 is shipped with the instrument running in kiosk mode. To install the patch, disable Kiosk mode (Refer to instructions in the HFA3 IFU to access the Windows desktop), login as the IT Administrator user, run the “Kiosk OFF” shortcut on the desktop, and reboot the instrument.

1. KB5001402
2. KB5004948

ZEISS HFA3

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Note: the HFA3 is shipped with the instrument running in kiosk mode. To install the patch, disable Kiosk mode (Refer to instructions in the HFA3 IFU to access the Windows desktop), login as the IT Administrator user, run the “Kiosk OFF” shortcut on the desktop, and reboot the instrument.

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

 

ZEISS PLEX Elite

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS PLEX Elite 9000

Windows 10

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS PLEX Elite 9000

Windows 7

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 7 OS

Follow instructions (see column to the left titled “Link to Instructions for Updating ZEISS Device”)

 

ZEISS PRIMUS 200

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS PRIMUS 200

 

Windows 10: serial numbers starting with 200-3XXXX and 200-5XXXX

Microsoft Windows Print Spooler Vulnerability CVE-2021-34527 (“PrintNightmare“) Cybersecurity Update For Windows 10 OS

1. KB5001402
2. KB5004948

ZEISS PRIMUS 200

Windows 7: serial numbers starting with 200-0XXXX and 200-2XXXX

Please contact your Service Technician

N/A

 

ZEISS IOLMaster

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS IOLMaster 500

6. Generation, WinPOS

ZEISS IOLMaster 5.5 / IOLMaster 500 cybersecurity update

Zeiss-IOLMaster500-CVE-2021-34527-Patch.upt

ZEISS IOLMaster 5.5

 

ZEISS IOLMaster 700

 

ZEISS IOLMaster 700 cybersecurity update

IOLMaster700UpdateOperatingSystem.upt

 

ZEISS SL Imaging Solution

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS SL Imaging Solution

SL Imaging Solution

3 Files to download (unpack from zip):

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-10.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt

ZEISS SL Workstation

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS SL Workstation

SL Workstation cybersecurity update

3 Files to download (unpack from zip):

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-7.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt

ZEISS VISUCAM

Model OS Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS VISUCAM 224

 

VISUCAM cybersecurity update

CVE-2021-34527.zip

ZEISS VISUCAM 524

ZEISS Visucam 200 

Computer 1969-629

ZEISS VISUCAM PRO NM 2 

ZEISS VISUCAM NM/FA 2 

ZEISS VISUCAM 500

ZEISS VISUPAC

Model Link to Instructions for Updating ZEISS Device Link to Download (use Internet Explorer or Edge)

ZEISS VISUPAC 500

VISUPAC 500 cybersecurity update

3 Files to download (unpack from zip)

  • Install_Patch_PrinterNightmare_CVE-2021-34527_ Win-7.cmd
  • LGPO.exe
  • PrintNightmare_1.lgpo.txt