The past few days have been worrisome for the royal family, as long-reigning monarch Queen Elizabeth II heeds the advice of medical professionals and rests, canceling a trip to Northern Ireland and a recent appearance at the COP26 Climate Conference. Members of the royal family have been rallying around the queen for the past several days, while thousands of miles away, Prince Harry has reportedly been worried about his grandmother’s health scare. And his concern reportedly stems from the April passing of his grandfather, Prince Philip.
According to a new report from Us Weekly, Prince Harry went into “panic mode” after learning about the queen’s recent hospital stay. “He felt helpless being 5,000 miles away in Montecito, [California,] and has been checking-in non-stop with her,” a source shared with Us Weekly. The Duke of Sussex’s reported focus on the queen’s health isn’t only out of concern for his dear grandmother — it reportedly also has to do with Prince Philip’s passing.
More from SheKnows
Prince Harry still “feels guilty about not saying goodbye” to his grandfather prior to his April death, according to Us Weekly’s source. “[He] would never forgive himself if the same thing happened with his beloved grandmother.” Bearing all of this in mind, Prince Harry is reportedly hopeful that he and his family will be able to reunite with his grandmother in the United Kingdom for the upcoming holidays.
Click here to read the full article.
The Duke of Sussex is “hoping to go back home for Christmas with Meghan, if not before so that she can finally get to meet [her great granddaughter] Lilibet and see [great grandson] Archie again.” Despite the friction within the House of Windsor, one element completely overshadows everything else: this is still a family, with members who want to be close to one another during times of uncertainty.
Before you go, click here to see the 100 best photos of the royal family from the past 20 years.
Prince Harry, Meghan Markle
Launch Gallery: 40 Photos of Queen Elizabeth II's 4 Kids, From Royal Tots to Senior Royals
Best of SheKnows
Sign up for SheKnows' Newsletter.For the latest news, follow us on Facebook, Twitter, and Instagram.
A security bug in the health app Docket exposed the private information of residents vaccinated against COVID-19 in New Jersey and Utah, where the app received endorsements from state officials.
Docket lets residents download and carry a digital copy of their immunizations by pulling their vaccination records from their state’s health authority. The digital copy has the same information as the COVID-19 paper card, but is digitally signed by the state to prevent forgeries. Docket is one of several so-called vaccine passports in the U.S., allowing residents to show their vaccination records — or a scannable QR code — for getting into events, restaurants or crossing into countries where vaccines are required.
But for a time, the app allowed anyone access to the QR codes of other vaccinated users — and all the personal and vaccine information encoded within. That included names, dates of birth and information about a person’s COVID-19 vaccination status, such as which type of vaccine they received and when.
TechCrunch discovered the bug on Tuesday and immediately contacted the company. Docket chief executive Michael Perretta said the bug was fixed at the server level a few hours later.
The bug was found in how the Docket app requests the user’s QR code from its servers. The user’s QR code is generated on the server in the form of a SMART Health Card, a widely accepted standard for validating a person’s vaccination status across the world. That QR code is tied to a user ID, which isn’t visible from the app, but can be viewed by looking at its network traffic using off-the-shelf software like Burp Suite or Charles Proxy.
But Docket’s servers weren’t checking to make sure the person requesting a QR code was allowed to request it. That meant it was possible for any app user to change their user ID and request someone else’s QR code. Worse, Docket user IDs are sequential, and so new QR codes could be enumerated simply by changing the user ID by a single digit.
It’s not known if anyone else discovered the bug. Perretta said the company is “currently in the process of reviewing logs to determine if there was any malicious activity on the platform.” Perretta also said that the company was working to inform state governments about the lapse but did not say if the company planned to notify its users of the security lapse.
Nancy Kearney, a spokesperson for New Jersey’s Department of Health, said in a statement:
The New Jersey Department of Health was notified by our vendor, Docket, of a code vulnerability related to the recent release of a QR code associated with the app. Docket assured the Department that they identified and fixed the vulnerability within the code. No other functionality of the app was affected. The privacy and security of Docket users remains paramount. At this time, Docket is investigating for any indication of potential records that could have been compromised. The Department continues to work with Docket to ensure their ongoing vigilance on this matter.
A spokesperson for Minnesota’s Department of Health also not reply. (Docket is available for Minnesota residents, but the state has not yet deployed QR codes.)
Tom Hudachko, a spokesperson for Utah’s Department of Health, said:
The Utah Department of Health is committed to ensuring the privacy of Utah residents and expects its contractors and partners to maintain the same commitment. Docket notified us [Tuesday] of a bug within its system that could potentially allow users to receive the personal information of other users. Docket has assured us they have identified what caused the bug and have resolved this issue.
“We are working with Docket, and our own data security teams to identify any users that may have had their information inappropriately shared and provide appropriate notification to those individuals,” said Hudachko.
But questions remain about how the bug slipped through to begin with. It’s not known exactly how many vaccinated people’s records were at risk. Last week, Docket said in a since-deleted tweet that it had reached one million users. New Jersey and Utah have a combined 8.5 million residents who have received at least one dose of the COVID-19 vaccine at the time of writing.
Perretta would not say, when asked, what kind of security testing was done on Docket before its launch.
Utah’s Hudachko said that Docket went through a “thorough security review” by the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC), two offices housed within the U.S. Department of Health and Human Services (HHS). An ONC spokesperson deferred comment to CMS and HHS, neither of which responded to our requests for comment.
The Centers for Disease Control and Prevention (CDC), which approved the app, also did not respond to questions asking if the agency had conducted a security review.
Docket isn’t the only vaccine passport app maker that’s faced security issues. The bug found in the Docket app is a nearly identical issue found in an app called Aura, which exposed thousands of QR codes containing the vaccination status of staff and students. And earlier this year, the Calgary-based proof-of-vaccination app Portpass exposed the personal information of hundreds of thousands of people after leaving its website unsecured, while one hacker was able to create an entirely fake vaccine passport using Quebec’s official proof-of-vaccination app.
Merck fell out of the race to develop COVID-19 vaccines earlier this year but could vault to head of the pack for treatments in 2022
By TOM MURPHY AP Health Writer
October 28, 2021, 4:27 PM
• 3 min readShare to FacebookEmail this article
Merck fell out of the race to develop COVID-19 vaccines earlier this year but could vault to head of the pack for treatments in 2022.
The drugmaker’s potential antiviral, molnupiravir, may generate $5 billion to $7 billion in sales through next year, company executives told analysts Thursday morning. That could include as much as $1 billion this year if regulators authorize it in December.
The company has asked for authorization in both the U.S. and Europe for what would be the first pill to treat COVID-19. All other treatments backed by the U.S. Food and Drug Administration require an IV or injection.
“The need for additional treatment options remains key in combating the COVID-19
pandemic,” Dr. Dean Li, president of Merck research laboratories, told analysts during a Thursday call to discuss third-quarter results.
The FDA has said a panel of outside experts will meet late next month to consider the treatment for use in adults with mild to moderate COVID-19 who are at risk for severe disease or hospitalization.
Merck reported earlier this month that, in testing, the pill cut hospitalizations and deaths by half among patients with early symptoms of COVID-19.
Li said the treatment, which Merck developed with Ridgeback Biotherapeutics, was consistently effective against several virus variants, including the now dominant delta version.
Merck also is studying molnupiravir to see whether it can be used to prevent the spread of COVID-19 in households after someone is exposed to the virus. The company expects results from that research next spring.
In the third quarter, Merck’s blockbuster cancer treatment Keytruda and the vaccine Gardasil pushed the drugmaker well past Wall Street’s third-quarter expectations, even as COVID-19 sapped demand for another vaccine.
Keytruda revenue jump 22% to $4.5 billion, while sales of Gardasil vaccines against the cancer-causing human papilloma virus soared 68%.
But sales of Merck’s pneumonia vaccine, Pneumovax 23, tumbled 26% mainly because people in the United States prioritized preventive shots guarding against COVID-19.
Overall, Merck posted adjusted earnings of $1.75 per share, as net income jumped 55% to $4.57 billion in the quarter.
Analysts expected, on average, earnings of $1.55 per share on $12.32 billion in revenue, according to FactSet.
Merck also said Thursday that it raised and tightened its 2021 forecast. It now expects full-year adjusted earnings of between $5.65 and $5.70 per share on $47.4 billion to $47.9 billion in revenue. The potential COVID-19 treatment was not included in the forecast.
Analysts expect earnings of $5.64 per share on about $47.68 billion in revenue.
Merck said global health systems have largely adapted to the ongoing pandemic, which was still hurting sales earlier this year as people postponed visits to both doctors and veterinarians.
Merck makes drugs for both people and animals. The company expects a 2021 revenue hit of less than 3% from COVID-19.
Shares of Merck & Co. Inc., based in Kenilworth, New Jersey, jumped nearly 5% to $85.40 Thursday, as broader indexes climbed slightly.
Follow Tom Murphy on Twitter