Users of Windows Vista and Windows 7 have been advised to completely disable their Windows Sidebar and Gadgets, in response to what appears to be a serious security risk. Microsoft's security team issued a security advisory on vulnerabilities that could allow malicious code to be executed via the Windows Sidebar when running insecure gadgets.

The Windows Sidebar is a vertical bar that can appear at the side of your desktop, containing mini-programs (known as gadgets) that can provide a number of functions such as a clock, the latest news headlines, weather report and so forth.

The warning comes ahead of a talk scheduled for Black Hat later this month by Mickey Shkatov and Toby Kohlenberg, "We have you by the gadgets", which threatens to expose various attack vectors against gadgets, how malicious gadgets can be created, and flaws in published gadgets.

Clearly Microsoft is worried about the security researchers' findings, and has issued a "Fix It Tool" which will protect Windows 7 and Vista users by entirely disabling the Windows Sidebar and Gadgets functionality.

Interestingly, Microsoft has dropped Gadgets from the upcoming Windows 8. 

Cross-posted from: Naked Security

