Recently, the U.S. Government and Microsoft issued a security warning for anyone who uses Internet Explorer (versions 6 to 11) to access and view websites and other online programs. Internet Explorer contains a coding vulnerability that could allow an attacker to use a malicious website to remotely control the compromised computer. ERA’s website, online information, and all of its online services are protected from this vulnerability.
You can safely continue to use your ERA-EMS, visit the ERA website and blog, and contact ERA online using Internet Explorer. The Internet Explorer Vulnerability only applies to website specifically designed to exploit this vulnerability. Nothing in ERA’s coding is susceptible to or related to this recent warning from Microsoft.
It is recommended by FireEye Research Labs – the company that identified the vulnerability and notified Microsoft – that anybody using Internet Explorer disable Adobe Flash as a temporary workaround solution. This is a temporary workaround that does not fix the vulnerability but does protect users from attacks.
Microsoft is working on a solution to the bug, and will be rolling out the fix as soon as possible. Users can also implement workaround solutions suggested on Microsoft’s website here: https://technet.microsoft.com/en-US/library/security/2963983#ID0EUFAC
Users should also avoid visiting unfamiliar or untrusted sites until Microsoft addresses the issue. In particular, be cautious regarding any site that is sent to you in an untrusted/junk email or in an advertisement, as the vulnerability can only be exploited by visiting a malicious site.
ERA encourages all clients to review Microsoft’s release about the bug and to follow all instructions from Microsoft here: https://technet.microsoft.com/en-US/library/security/2963983#ID0EUFAC
ERA’s website and online EH&S Management Software are not compromised by this vulnerability. You can continue to use the ERA-EMS using Internet Explorer, and the ERA website can be added to your list of trusted sites.
If you have any questions about your online security using ERA's services or software, please contact ERA at info@era-ehs.com.