January 21, 2020
Understanding Mercury’s Leap Year Firmware Issue
Read Time / 4 min.
Security professionals may be wondering whether their access control system will function properly on and after Leap Day (Feb. 29, 2020) after reading a “time-critical” notice issued by Mercury Security.
The notice, sent to access control manufacturers on Jan. 15 but also distributed to some end-users, states that LP1501, LP1502, LP2500 and LP4502 Intelligent Controllers will not properly handle leap year time calculations – a problem that will have “unknown effects on the functionality of the access control system.”
The solution from Mercury is simple: Update the firmware. In its notice, Mercury urges that all deployed LP intelligent controllers be updated to firmware version 1.27.8.0629 before March 1, 2020.
This generally can be accomplished in one of two ways:
- Using the on-board webpage in the Mercury controller
- Using the access control software to push the firmware update to the panels
However, access control software manufacturers are in the process of testing the firmware update to ensure it works properly with their software and will provide guidance on next steps. To avoid any further issues, customers and integrators should wait until testing is completed to ensure the updated firmware is compatible with their access control system.
At STANLEY Security, we’re working with our suppliers to address this issue and provide guidance to our customers.
Does the Mercury Firmware Issue Impact My Access Control System?
This notice only applies to the newer LP intelligent controller series, which has been available since July 2018. Older EP and legacy series controllers are not affected. The following list of controllers are not affected, according to Mercury’s notice:
- LP intelligent controllers that are deployed in “legacy” mode
- EP series controllers
- Bridge products (M5, MS and MI)
- Legacy controllers, such as the SCP series
To identify whether you have any affected equipment, take a look at the control board. Mercury’s LP series has red panels (see the image above), while earlier, unaffected models are green.
Additionally, you may consult your inventory or billing documentation to search for the part number. It’s important to note that some PACS manufacturers resell controllers using their own part numbers, which may make it harder for you to identify whether you have affected components.
Some of the most common part numbers associated with the affected Mercury LP controllers are provided in the table below. Please note that this list is not comprehensive.
If you’re not sure whether you have any of the affected parts, contact your security provider. If you believe your system will be impacted, reach out to your security provider to schedule service. Depending on your system’s setup, your provider can either push the firmware update remotely or locally – if, for instance, your control board is in a secure computing environment and isn’t connected to the network or internet.
This relatively simple fix should be covered under most service plans at no additional cost.
Mercury’s leap year firmware issue underscores the importance of maintaining the health of your security system and offers a few key reminders for security professionals:
- Always have a service plan in place for unexpected issues.
- Maintain an inventory of your security system components.
- Be vigilant about applying firmware updates to your devices.
Even if your access control system isn’t affected, use this as an opportunity to check for firmware updates across your security devices and revisit your service plan.
System maintenance and regular testing and inspection are key to monitoring your security system’s performance and ultimately ensuring the security of your people, property and assets.
To learn more about keeping your access control system secure, click here. To contact STANLEY Security about Mercury LP controllers and submit a service request, please call 1.855.578.2653.