NHS Staff Told To Abandon IE6

The Department of Health (DH) has issued a bulletin to NHS staff, recommending that any organisation still using Internet Explorer 6 should upgrade to Internet Explorer 7. The advice is based on concerns about the security of IE6, following the discovery of a vulnerability that can be exploited to run malicious code on various versions of Windows.

The flaw in question is the same one that reportedly enabled hackers to break into the Gmail accounts of human rights activists in China. The attack resulted in Google reconsidering its policy of co-operating with the Chinese government, and threatening to pull out of the country all together.

The DH bulletin also advises organisations that choose to continue using IE6 to apply the security update patch issued by Microsoft in January. Where the update is incompatible with existing applications, the DH recommends applying one of the mitigating actions from the Microsoft security advisory instead.

“Exploitation of this vulnerability could allow for complete compromise of the affected system,” the DH warned in the bulletin. “This could allow an attacker to download and install further malware/spyware on to the computer, add user accounts to the computer, steal sensitive data held locally and centrally and so forth.

“It is also possible that exploiting this vulnerability could allow for the compromised computer to be used as a ‘staging point’ for further attacks against other computer systems including those outside of the organisation. If an organisation has systems compromised via this vulnerability, there may be consequential reputational damage, especially if sensitive data is affected or the compromised system is used to attack other systems,” it added.

Google also announced at the end of last week that it would phase out its support for IE6 and other older web browsers for its Google Docs and Google Sites applications. However, the company cited application speed, not security, as the main reason for the decision. “The web continues to evolve at lightning speed, and using an up-to-date browser enables you to use the very latest web apps,” wrote Google Apps senior product manager Rajen Sheth in a blog post.

Meanwhile, the British government is sticking by its decision not to deter computer users from using Microsoft’s Internet Explorer, despite both the German and French governments issuing warnings over the security of the web browser. During a scheduled discussion in the House of Lords about the public sector’s use of IE6, Lord West of Spithead explained that “Complex software will always have vulnerabilities and motivated adversaries will always work to discover and take advantage of them.”

“We take Internet security very seriously and we have worked with Microsoft and other suppliers over many years to understand the security of the products used by HMG, including Internet Explorer,” West added. “There is no evidence that moving from the latest fully patched versions of Internet Explorer to other browsers will make users more secure. Regular software patching and updating will help defend against the latest threats.”

Sophie Curtis

Recent Posts

IT Glitch Disrupts Morrisons Christmas Shopping

Morrisons offers discounts after glitch causes promotions to not be applied for card holders, as…

10 hours ago

US Finalises Billions In Awards To Samsung, Texas Instruments

US finalises $4.7bn award to Samsung Electronics, $1.6bn to Texas Instruments to boost domestic chip…

18 hours ago

OpenAI Starts Testing New ‘Reasoning’ AI Model

OpenAI begins safety testing of new model o3 that uses 'reasoning' process to ensure reliability…

19 hours ago

US ‘Adding Sophgo’ To Blacklist Over Link To Huawei AI Chip

US Commerce Department reportedly adding China's Sophgo to trade blacklist after TSMC-manufactured part found in…

19 hours ago

Amazon Workers Go On Strike Across US

Amazon staff in seven cities across US go on strike after company fails to negotiate,…

20 hours ago

Senators Ask Biden To Extend TikTok Ban Deadline

Two US senators ask president Joe Biden to delay TikTok ban by 90 days after…

20 hours ago