Feeds

DoH tells NHS to dump IE6

Get with the times, grandad

Remote control for virtualized desktops

The Department of Health has told trusts using Windows 2000 or XP to move to version 7 of Microsoft's browser.

In a technology bulletin published by the department's informatics directorate on 29 January 2010, it advised NHS trusts using Microsoft Internet Explorer 6 on either Windows 2000 or Windows XP to move to version 7 of the browser.

"We've advised NHS trusts to upgrade to IE7 as early as possible," said a spokesperson. The guidance said that IE7 works with the department's Spine applications, and provides additional security.

The notice also recommended that organisations that continue to use IE6 should apply a security update patch from Microsoft to all affected computers, or if this is not possible apply mitigation methods suggested by the vendor.

Microsoft reported a significant security problem with IE6 on 14 January which could compromise a computer's operating system, although the browser was already known to be less secure than newer versions. The new vulnerability could act as an entry point for hackers to a network, allowing sensitive information to be stolen, according to the DoH bulletin.

IE6 is widely used within the UK's public sector. In July last year, several government departments said they continued to use IE6, including the MoD's Defence Information Infrastructure programme to provide secure computing services for 300,000 users.

The Cabinet Office has already issued a advisory notice to central government departments on how to deal with IE6. However, the governments of France and Germany have gone much further, advising that their citizens stop using any version of Internet Explorer.

In a parliamentary written answer to Lord Avebury on 28 January on whether the public sector should stop using Internet Explorer, Home Office minister Lord West said that there was no evidence that a fully patched version of its latest edition (IE8) is any less secure than other browsers.

"A government Internet Explorer user, operating on government systems, such as the GSi (Government Secure Intranet), will benefit from additional security measures, unlikely to be available to the average home computer user," he said. "These include tools which actively monitor for evidence of any malicious attacks and provide a layered approach to internet security."

This article was originally published at Kable.

Kable's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Whistling Google: PLEASE! Brussels can only hurt Europe, not us
And Commish is VERY pro-Google. Why should we worry?
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
First in line to order a Nexus 6? AT&T has a BRICK for you
Black Screen of Death plagues early Google-mobe batch
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.