DoH tells NHS to dump IE6
Get with the times, grandad
The Department of Health has told trusts using Windows 2000 or XP to move to version 7 of Microsoft's browser.
In a technology bulletin published by the department's informatics directorate on 29 January 2010, it advised NHS trusts using Microsoft Internet Explorer 6 on either Windows 2000 or Windows XP to move to version 7 of the browser.
"We've advised NHS trusts to upgrade to IE7 as early as possible," said a spokesperson. The guidance said that IE7 works with the department's Spine applications, and provides additional security.
The notice also recommended that organisations that continue to use IE6 should apply a security update patch from Microsoft to all affected computers, or if this is not possible apply mitigation methods suggested by the vendor.
Microsoft reported a significant security problem with IE6 on 14 January which could compromise a computer's operating system, although the browser was already known to be less secure than newer versions. The new vulnerability could act as an entry point for hackers to a network, allowing sensitive information to be stolen, according to the DoH bulletin.
IE6 is widely used within the UK's public sector. In July last year, several government departments said they continued to use IE6, including the MoD's Defence Information Infrastructure programme to provide secure computing services for 300,000 users.
The Cabinet Office has already issued a advisory notice to central government departments on how to deal with IE6. However, the governments of France and Germany have gone much further, advising that their citizens stop using any version of Internet Explorer.
In a parliamentary written answer to Lord Avebury on 28 January on whether the public sector should stop using Internet Explorer, Home Office minister Lord West said that there was no evidence that a fully patched version of its latest edition (IE8) is any less secure than other browsers.
"A government Internet Explorer user, operating on government systems, such as the GSi (Government Secure Intranet), will benefit from additional security measures, unlikely to be available to the average home computer user," he said. "These include tools which actively monitor for evidence of any malicious attacks and provide a layered approach to internet security."
This article was originally published at Kable.
Kable's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
Sponsored: Global IT security risks report