Wednesday, April 16, 2014

Not Again! When Anti-Virus Updates Go Awry, Microsoft Forefront and Hospitals?

Long-time readers will remember incidents such as the 2010 event when hospitals were stuck in an endless reboot cycle as a result of an automated update from McAfee gone awry. Also see the NPR report. At the time, a hospital in Rhode Island reportedly had to stop treating certain patients because of the computer malfunction, except for extreme cases like gunshot wounds.

On the heels of XP going out of support, it is happening again, now with Microsoft Forefront.

I am receiving reports from the hospital IT community that a problem in Microsoft Forefront is leading to down time of computers. If a hospital uses an anti-virus product or if a medical device integrates an anti-virus product, a sad risk is that the anti-virus product itself might cause denial of service. It is more difficult to deliver patient care when the computers go down.  It disturbs workflow too.

More technical details below.
Programmers are human, so it's not surprising that these problems arise from time to time. But shouldn't devices be resilient to such problems that are certain to happen again? The design controls of a medical device should ensure the device remains safe and effective even if the anti-virus product malfunctions. This is a key reason why I believe in analog, non-software methods to detect malware on high-confidence systems such as medical devices. Less integrated software, less complexity, less risk. Independent failure modes!