Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Thursday August 31 2017, @03:27PM   Printer-friendly
from the have-a-heart dept.

Ars Technica is reporting that 465,000 patients have been told to visit their doctor to patch a critical pacemaker vulnerability.

Cardiac pacemakers are small devices that are implanted in a patient's upper chest to correct abnormal or irregular heart rhythms. Pacemakers are generally outfitted with small radio-frequency equipment so the devices can be maintained remotely. That way, new surgeries aren't required after they're implanted. Like many wireless devices, pacemakers from Abbott Laboratories contain critical flaws that allow hijackers within radio range to seize control while the pacemakers are running.

"If there were a successful attack, an unauthorized individual (i.e., a nearby attacker) could gain access and issue commands to the implanted medical device through radio frequency (RF) transmission capability, and those unauthorized commands could modify device settings (e.g., stop pacing) or impact device functionality," Abbott representatives wrote in an open letter to doctors.

Also covered at Reuters.

The Abbot open letter also highlights that the upgrade process is not flawless:

Based on our previous firmware update experience, as with any software update, there is a very
low rate of malfunction resulting from the update. These risks (and their associated rates) include
but are not limited to:
  * reloading of previous firmware version due to incomplete update (0.161%),
  * loss of currently programmed device settings (0.023%),
  * complete loss of device functionality (0.003%), and
  * loss of diagnostic data (not reported).


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Virindi on Thursday August 31 2017, @08:09PM

    by Virindi (3484) on Thursday August 31 2017, @08:09PM (#562287)

    To each their own. If I had a device implanted in my chest keeping me alive, I would consider feature creep, bugs in overly complex logic, and vulnerabilities more dangerous than the benefit to be gained by adding new code.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2