For some unknown reasons, the Department of Health (DoH) has issued a statement over the need to move from Internet Explorer 6 that refutes the official stand of the UK Government taken last week in the House of Lords.
In a four page document (PDF here) entitled "Technology Bulletin: Microsoft Internet Explorer Security Vulnerability – 979352 – “Aurora", the Informatics Directorate from the DoH recommends moving from Internet Explorer 6 to the more secure Internet Explorer 7 but not version 8.
This might be because, Microsoft's latest browser hasn't been properly tested with the NHS's proprietary systems such as the CSA (Clinical Spine Application), part of the SPINE, whcih is the huge national database of patient medical records.
Interestingly, the NHS Head of IT Security approved the advisory report on the 21st of January 2010, a week before the Parliamentary Under-Secretary of State for the Home Office, Lord West of Spithead, replied to Lord Avebury saying that the UK government considers that "there is no evidence that moving from the latest fully patched versions of Internet Explorer".
Authors of the document warned that "If an organisation has systems compromised via this vulnerability, there may be consequential reputational damage, especially if sensitive data is affected or the compromised system is used to attack other systems."
At least 750,000 computers in the NHS use IE6 on Windows XP for day to day work and an additional 300,000 workstations from the MoD's Defence Information Infrastructure apparently run on this rather clunky combination. Anyhow, Microsoft can use the IE6 case as a reason to encourage the public sector to move to Windows 7.