OrthoView – Response to the Log4j Vulnerability (LogShell)

Details on this vulnerability and possible mitigations can be found on these Government websites:

US: https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance

UK: https://www.ncsc.gov.uk/news/apache-log4j-vulnerability

The reported exploit is typically achieved by sending a corrupting http request to a vulnerable server.

We have reviewed all the OrthoView products for this vulnerability.

  • The OrthoView Template Delivery Server (TDS) was found to be vulnerable to this attack. This server has already been fixed and has never exploited.
  • All OrthoView products prior to 7.1 do not have this library or vulnerability.
  • OrthoView 7.1.x and 7.3.x use this library but are considered very low risk because:
    • All OrthoView installations should be located inside of the hospital network and (other than the TDS) have no external access which could be exploited.
    • OrthoView servers use a different logging framework and hence are not vulnerable to these attacks even if accessed by unauthorised users.
    • The affected log4J libraries are used by OrthoView only when executed as a Desktop application (either installed explicitly on a Desktop or auto installed from an OrthoView server). They do not accept http requests.
  • OrthoView 7.4.x also uses this library and when installed with the zero footprint (ZFP module) does accept http requests. This is considered low risk as:
    • All OrthoView installations should be located inside of the hospital network and (other than the TDS) have no external access which could be exploited.
    • Most 7.4.x usage is of the “standard” product which is very low risk as indicated for 7.1.x, and 7.3.x.
  • All other OrthoView websites and services are unaffected.

Although low risk, the mere presence of this library is likely to concern Hospital IT and therefore we will provide the patch for all server deployed versions of OrthoView (including ZFP). We also will supply patches to any Desktop installed versions on request.

If you require the patch or have any queries, please do not hesitate to contact our support teams on:

+44 (0)2380 762500 Option 2

orthoviewsupport@materialise.co.uk

us.orthoviewsupport@materialise.com

+15,000
Orthopaedic surgeons

+6,000,000
Planned procedures

Worldwide, orthopaedic surgeons use Materialise OrthoView to accurately template their procedures, go into surgery better prepared, and achieve a more predictable patient outcome. Usability and clinical relevance have always been at the core and result in a high customer satisfaction of 94%.

For primary and revision hip and knee arthroplasties as well as shoulder and small joint replacements, fracture management, deformity correction and spine procedures, Materialise OrthoView offers the latest innovations driven by surgeons since 2002.

Discover our free online trial and join our worldwide planning community!

Create trial account

Smart planning

From joint replacement and trauma to spine and pediatrics, our smart planning tools automate the analysis and planning of your procedures.

Learn more chevron_right

+220,000 intelligent templates

Our extensive online digital template library is always up-to-date and provides instant access to high-quality and intuitive templates that are carefully created according to specifications provided by each device manufacturer.

Explore the templateschevron_right

Easy to learn & 
excellent support

Discover how others have benefited from using Materialise OrthoView, watch online video tutorials to get started easily, or request an on-site training. Our PACS partners and technical teams are there for you for any consultations.

Go to learningchevron_right

What our community says

 

 

I was obviously looking for a solution that is easy to use, has all the templates I need and is accurate. But I also needed it to be compatible with our PACS so that I can work on my images from the PACS and save them back to it easily.”

 

 

Dr. Andrew Noble, MD
Orthopaedic surgeon, Paim Beach Florida

 

“On average, we estimate $20,000 to $40,000 a year to print each surgeon’s operative radiographs. Eliminating this cost, as well as the time it takes someone to print these x-rays, is another way to reduce one’s overhead”

 

 

Dr. Brett Levine
Associate Professor, Rush University Medical Center

 

I was obviously looking for a solution that is easy to use, has all the templates I need and is accurate. But I also needed it to be compatible with our PACS so that I can work on my images from the PACS and save them back to it easily.”

 

 

Mr John Charity
Elective and Trauma Hip Surgeon, Exeter, UK

 

“In the last 2 years, I could count on the help of digital planning through the partnership with Materialise. OrthoView has become the most important tool in the planning of my surgeries and has brought greater patient confidence in the indicated treatment. I should also point out all the support I had during the process of using OrthoView. Thank you.”

 

 

Dr. Felipe Augusto Ribeiro Batista
Orthopedic surgeon, São Paulo, BR

 

“I plan all my cases beforehand in OrthoView so the number of decisions I need to make intra-operatively are significantly reduced.”

 

 

Dr. Sebastian Sturridge
Orthopaedic Surgeon, UK

 

“OrthoView is extremely valuable for hips due to its accuracy in assessing the measurements that are needed to obtain the true cup and stem size for my patient.”​

 

 

Dr. Thomas Mulvey
MD Orthopedic Surgeon, Peoria, Illinois, USA

Secure planning, anywhere

As a web or a desktop application, OrthoView is easily accessible from anywhere in the hospital network.

Learn more about deploymentchevron_right

Full PACS integration

Materialise has partnerships with all of the major PACS providers to seamlessly plan your procedures.

Discover our PACS partners chevron_right

Flexible Purchase Options

From individual to enterprise and across specialties, we have a license solution for you.

Compare licenses chevron_right

This content is intended for Health Care Professionals only - L-100891