Internet Explorer 6 u-turn for UK Home Office

Filed Under: Internet Explorer, Malware, Microsoft, Vulnerability

UK Government / Internet Explorer
Do you still use Internet Explorer 6? I really hope not.

The facts should be clear as day: Microsoft no longer supports Internet Explorer 6, and the creaky old web browser simply doesn't provide anything approaching a sufficient level of defence with severely critical vulnerabilities left unpatched.

Microsoft itself has urged IE6 users to upgrade to Internet Explorer 8 (as a way of avoiding an attack by a zero day vulnerability). And yet still plenty of firms and organisations find themselves still running Internet Explorer 6.

The British Government has been strongly criticised for its unwillingness to upgrade from the insecure Internet Explorer 6, and I was one of thousands of people who earlier this year signed a petition to the Prime Minister calling on government departments to upgrade their browsers.

The answer at the time was that upgrading browsers was too expensive, so it's good to read in a report in TechEye that the Home Office now plans to switch to Internet Explorer 8.

I'm not saying that it's easy for a government department to upgrade or switch browsers, but the IT teams tasked with securing sensitive data inside organisations must be given the resources to keep on top of the latest security issues - or risk suffering from potentially serious consequences.

Let's hope that other UK government departments follow the Home Office's example and invest in a more up-to-date, more secure browser.

, , ,

You might like

6 Responses to Internet Explorer 6 u-turn for UK Home Office

  1. London Borough of Tower Hamlets uses IE6 as standard.

  2. The important question for me is _why_ is it so hard to upgrade browsers? They're a central part of the user interface now, so any vendor whose browser is hard to upgrade is exposing its users to a wide range of security problems. That vendor also exposes itself to greater costs in terms of supporting users on old versions, and customers switching to competitor products because it's easier to do than to upgrade.

  3. wirelesspacket · 1769 days ago

    I limited my rant to the following below. Previously, I wrote a long rant in reply to the blog post. I then deleted it. The one word I believe best describe what is going on would have to be negligence. Some of you may find that a bit harsh. But seeing what goes on day in and out with lack of updates and patches. I believe a vast majority of issues could be eliminated due to proper preventative maintenance. I.E Patches and Updates.

    I understand some software cannot be patched due to EOL. But something so simple as rolling out an upgrade from IE 6 to IE8. They are eligible for the bloody update!

    If they are running these versions of Windows.

    Windows Vista 32-bit
    Windows Vista 64-bit
    Windows Vista with Service Pack 1 (SP 1) or higher
    Windows XP 32-bit with Service Pack 2 (SP 2) or higher
    Windows XP Professional x64 Edition
    Windows Server 2003 32-bit with SP 2 or higher
    Windows Server 2003 64-bit with SP 2 or higher
    Windows Server 2008 32-bit or higher
    Windows Server 2008 64-bit or higher

    I understand they are also saying expense of the roll out. Sometimes you have to just get it done.

    My 2 Cents.

  4. Guest · 1763 days ago

    Don't forget Java, thankfully now Oracle's Java platform comes with an updater.

    Updated AV, Java and IE = reduced surface attack


  5. Diomedea · 1320 days ago

    Shouldn't they be updating to Firefox? Why rely on closed code under foreign jurisdiction? There must be a security risk involved.

  6. Andrew · 770 days ago

    comodo dragon is a good browser

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley