On the heels of XP going out of support, it is happening again, now with Microsoft Forefront.
I am receiving reports from the hospital IT community that a problem in Microsoft Forefront is leading to down time of computers. If a hospital uses an anti-virus product or if a medical device integrates an anti-virus product, a sad risk is that the anti-virus product itself might cause denial of service. It is more difficult to deliver patient care when the computers go down. It disturbs workflow too.
More technical details below.
- Windows XP Hangs After Latest Forefront Endpoint Protection Update
- Windows XP security fix hangs systems and leaves them partly unprotected
- SCEP 2012 220.127.116.11 with sigs 18.104.22.168 causes XP to hang until MsMpEng finally crashes
- WinXP and/or Win2003 with SC Forefront Endpoint Protection installed, MsMpEng.exe crashes after definition update
Programmers are human, so it's not surprising that these problems arise from time to time. But shouldn't devices be resilient to such problems that are certain to happen again? The design controls of a medical device should ensure the device remains safe and effective even if the anti-virus product malfunctions. This is a key reason why I believe in analog, non-software methods to detect malware on high-confidence systems such as medical devices. Less integrated software, less complexity, less risk. Independent failure modes!