Security advisories notification for Meltdown and Spectre vulnerabilities

18-Jan-2018

Stryker is monitoring the situation with the Meltdown and Spectre vulnerabilities and recognises that some of our customers may be impacted.  We are not aware of any exploitation of these vulnerabilities on our products.  If Stryker products are found to be affected, product-specific updates and information will be distributed directly to customers.   

Meltdown and Spectre are Side-Channel attack vulnerabilities that impact CPU hardware which could allow sensitive content from memory regions to be accessed if exploited. These security vulnerabilities have been globally reported as known issues with Intel, AMD and ARM chips and are not linked to specific individual products or implementations. The difficulty in exploiting these vulnerabilities is high, any attack would likely require local or physical access, and the vulnerabilities do not have the potential to corrupt, modify or delete data.

For additional technical details and indicators associated with these vulnerabilities, please review US-CERT Alert (TA18-004A).   (https://www.us-cert.gov/ncas/alerts/TA18-004A)
Stryker is conducting a thorough review and investigation of the impact of these vulnerabilities to our products.  As CPU manufacturers, hardware vendors and operating system developers publish updates, we are committed to ensuring these updates will be examined, tested and when appropriate, updates made available for affected Stryker products.  We are following our procedures for testing and verification of any updates to our products to ensure they operate safely and securely prior to releasing.  If you have questions or concerns, please contact your Stryker representative and/or productsecurity@stryker.com.