Abbott is updating the firmware for all St. Jude Medical radio frequency-enabled implantable pacemaker devices to address cybersecurity vulnerabilities that could allow an unauthorized user to access a patient's device using commercially available equipment, the Food and Drug Administration reports. The update requires an in-person patient visit with a health care provider to update the software embedded in the device and takes about three minutes to complete. FDA recommends that health care providers discuss the risks and benefits of the cybersecurity vulnerabilities and associated firmware update with their patients at the next regularly scheduled visit, and determine if the update is appropriate for the given patient based on the potential benefits and risks. FDA and Abbott do not recommend prophylactic removal and replacement of affected devices. There are no known reports of patient harm related to the cybersecurity vulnerabilities in the 465,000 affected devices implanted in the U.S.