Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

HHS's Compliance With Federal Regulations Related to Operating Systems and Software Beyond End of Life

Operating systems, software, and applications that are no longer supported by their respective vendors and/or providers present risks to HHS and Operating Division (OpDiv) networks. Threat actors may exploit a known vulnerability in unsupported software, which could lead to a detrimental result including but not limited to data exfiltration (e.g., loss of personal identifiable information), data destruction, compromised intellectual property, and/or reputational harm. We will determine whether HHS and select OpDivs are in compliance with Federal requirements on the usage of unsupported software. In addition, we will determine whether HHS has effective oversight and mitigation controls in place to ensure that unsupported assets do not place HHS mission-ritical systems and data at risk.

Announced or Revised Agency Title Component Report Number(s) Expected Issue Date (FY)
May 2024 HHS, OS HHS's Compliance With Federal Regulations Related to Operating Systems and Software Beyond End of Life Office of Audit Services W-00-23-42044 2024