RALS-Plus
RALS-Web
Device Interfacing

Customer Support

Request for Info
MAS News
Clinical Questions
About MAS
Contact MAS
Home
Also from MAS...

TIARA™ Diabetes Education Software

Security...

Microsoft Bulletin MS04-007:
MAS Update: Microsoft ASN.1 Security Vulnerability

To:

RALS-Plus & RALS-G Customers

From:

MAS Technology Infrastructure and
RALS-Plus Product Line Management

Date: February 27, 2004

Email has been sent to RALS customers
as a reminder of the importance of this patch

In response to the latest security updates released by Microsoft for the ASN.1 vulnerability, MAS has conducted compatibility testing of the MS04-007 with multiple versions of RALS systems.

No problems with the RALS systems have been found by our internal testing or reported by customers following the application of this security update.    This application of this security update to the standard RALS system configuration has been approved and is strongly recommended.

The following RALS products were tested with this security update:

  • RALS-Plus version 1.2.1 – RCS & IMS

  • RALS-Plus version 1.2i – RCS & IMS

  • RALS-Plus version 1.1SP1 – RCS & IMS(WinNT4ws)

  • RALS-G version 2.4.5 -- CMS(WinNT4ws)

Please note: This testing included only a limited number of the more critical test cases compared with a full test cycle. This security update will be included in the next major RALS-Plus release and will receive a full suite of testing with that release. Other versions and configurations within the RALS product line have not been tested. 

However, based on the successful testing with these versions, customer feedback with patched application on other versions, and the similarities of the RALS software code base between the various versions, the patch is approved for application to these other RALS systems as well.  

The expected operating environment for RALS-Plus and RALS-G is within a protected internal hospital network.  Sites are encouraged to use firewall systems at the network borders to block external access to any ports unless specific external access is required.  This can minimize the risk of successful attacks originating from outside the perimeter.

Links to Microsoft documents about this security issue:

MS Bulletin MS04-007

MS patch download for Windows 2000

MS patch download for Windows NT4 Workstation SP6a

Please contact MAS technical support for assistance 877-627-7257

© 2004 Medical Automation Systems, Inc., Charlottesville, VA USA.
All rights reserved. Legal Notice.