St. Jude Medical is deploying a software update to a remote monitoring system used with its implantable pacemakers and defibrillator devices to reduce the risk of patient harm due to cybersecurity vulnerabilities, the Food and Drug Administration announced this week. The agency said health care providers should continue to conduct normal in-office follow-up with patients using the Merlin@home Transmitter and remind patients to keep the transmitter connected to ensure their devices receive the necessary patches and updates. Although there have been no reports of related patient harm, FDA said the vulnerabilities could be exploited to allow an unauthorized user to remotely access and modify programming commands to a patient's implanted cardiac device, which could result in rapid battery depletion and/or administration of inappropriate pacing or shocks. For more information, see the FDA safety communication.