Security...

 

Microsoft Security Bulletin Update

June 2005

Medical Automation Systems reviews all Microsoft security patches when they are released. No problems with the RALS systems have been found by our internal testing or reported by customers following the application of these security updates. The application of these updates to the standard RALS system configuration has been approved.  Microsoft rates some of these as 'critical' but the vulnerabilities may in fact pose no risk to the RALS system if customers adhere to the intended use of RALS.

We recommend that you apply these patches immediately to the RALS equipment.

  • MS05-025 - Cumulative Security Update for Internet Explorer (883939) - Critical

  • MS05-026 - Vulnerability in HTML Help Could Allow Remote Code Execution (896358) - Critical

  • MS05-027 - Vulnerability in Server Message Block Could Allow Remote Code Execution (896422) - Critical

    •

  • MS05-028 - Vulnerability in Web Client Service Could Allow Remote Code Execution (896426) -  Important

    •

  • MS05-029 - Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179) - Important

    •

  • MS05-030 - Cumulative Security Update in Outlook Express (897715) - Important

    •

  • MS05-031 - Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458) - Important

    •

  • MS05-032 - Vulnerability in Microsoft Agent Could Allow Spoofing (890046) - Moderate

    •

  • MS05-033 - Vulnerability in Telnet Client Could Allow Information Disclosure (896428) - Moderate

  • MS05-034 - Cumulative Security Update for ISA Server 2000 (899753) - Moderate

In response to these security updates released by Microsoft for the Critical updates MAS has conducted compatibility testing of these security patches with multiple versions of RALS systems.

  • RALS-Plus version 1.3 - complete

  • RALS-Plus version 1.2.1 SP1- complete

  • RALS-Plus version 1.2 SP1 - complete

  • RALS-Plus version 1.1 SP1 - complete

  • RALS-Lite version 1.0 -- complete

  • RALS-Web version 1.1 -- complete

Medical Automation Systems reviews all Microsoft security patches when they are released. No problems with the RALS systems have been found by our internal testing or reported by customers following the application of these security updates.  The application of these updates to the standard RALS system configuration has been approved.  Microsoft rates some of these as 'critical' but the vulnerabilities may in fact pose no risk to the RALS system if customers adhere to the intended use of RALS.

 

MS Patches NOT Critical to RALS Functionality If MAS determines that the vulnerability as described in a Microsoft bulletin should not adversely affect the RALS functionality when the system is used as intended, the security patch will be tested and included in the next routine product version release.  Should the user apply the patches, MAS cannot guarantee or warrant its operation or impact on the RALS system.  In this situation there will be no routine customer notification. 

 

MS Patches Critical to RALS Functionality If it is determined that the security vulnerability as described in a Microsoft bulletin is critical to the RALS functionality, MAS will notify customers via a broadcast email from SecurityUpdates@rals.com and by notice on the MAS website http://www.rals.com .

RALS-Plus I RALS-Web I RALS-eQuiz I RALS-TGCM I RALS-Report I Device Interfacing
Customer Support I Clinical Questions I MS Vulnerabilities I MS Updates I RRC Password of the Day
RRC Installation I RALS-Dataports I MAS News I About MAS I Case Studies
Contact Us I POC Links I Home I Legal Notice

© 2005 Medical Automation Systems, Inc., Charlottesville, VA USA. All rights reserved.