Microsoft has issued the following statement and customer guidance for the WannaCry attacks: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Microsoft has issued the following statement regarding updates planned for the month of February:
Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.
Please refer to the following site for more information: https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/
Merge Cardiology Solutions
Vulnerability Reports: Merge continues its active survey of vendor vulnerability reports and additional information resources in order to remain abreast of threats announced by Microsoft and others. Security Bulletins are released by Microsoft on the second Tuesday monthly. Merge personnel immediately evaluate these bulletins to determine their applicability to our products.
Once applicable patches are identified, they are tested to make sure they will not adversely affect Merge systems. In the case of patches that are labeled Critical, Merge most often will make them available to customers in less than 5 days.
Internet Email Worms:
As we know, these attacks send electronics email messages with malware attachments that clog email systems and, if opened, can sometimes cause harm. Since Merge VERICIS acquisition systems and cardiac data management products are not used for email, these malware attacks will not affect these systems. Our diagnostic workstations are dedicated devices and, though based on a Windows platform, are not configured to, nor intended to operate with a email client.