Alerts & Corrections

Decades-Old Code Is Putting Millions of Critical Devices at Risk

Nearly two decades ago, a company called Interpeak created a network protocol that became an industry standard. It also had severe bugs that are only now coming to light.

In early August, the enterprise security firm Armis got a confusing call from a hospital that uses the company’s security monitoring platform. One of its infusion pumps contained a type of networking vulnerability that the researchers had discovered in a few weeks prior. But that vulnerability had been found in an operating system called VxWorks—which the infusion pump didn’t run.

Hospital representatives wondered if it was just a false positive. But as Armis researchers investigated, they started to see troubling signs of a connection between VxWorks and the infusion pump’s operating system. What they ultimately discovered has disturbing implications for the security of countless critical systems—patient monitors, routers, security cameras, and more—across dozens of manufacturers.

See the full article at Wired.com.

Drug Shortages Database RSS Feed to be Discontinued

Special Announcement

ASHP currently enables easy access of its Drug Shortages Database information through RSS (“really simple syndication”) feeds. Effective December 31, 2019, ASHP will discontinue the RSS feed. Anyone who is not an ASHP member and who uses the Drug Shortages RSS feeds commercially to populate a third-party application or database will need to complete a short survey so that ASHP may follow up with you with a license agreement and provide instructions for accessing the new API. Access to drug shortages information will continue as a member benefit via the Drug Shortages Resource Center on ASHP’s website and also through ASHP’s AHFS Clinical Drug Information web and mobile applications

1 2 3 4 5 6 22