On April 27 the Department of Homeland Security, Office of Cybersecurity and Communications published Vulnerability Note 222929
, “Internet Explorer (IE) contains a use-after-free vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.”
Healthcare providers who are running browser-based applications in IE that require Adobe Flash are at risk of being attacked by this vulnerability. These applications may include universal viewers and image sharing solutions.
, unlike most universal viewing and image sharing solutions in the market, does not rely on Flash. Viewers and sharing solutions that operate in a browser and rely on Flash are going to be vulnerable to this serious security vulnerability.
Merge recommends that unless you have other web-based applications that require Flash, disable Flash until Microsoft publishes a patch for the vulnerability. iConnect® Access will continue to operate safely and securely.
For questions or more information, please contact Merge Support.