Microsoft advises users to disable Windows Gadgets following security vulnerability fears

Posted: July 11, 2012 in Vulnerabilities
Tags: ,
Windows 8 desktop gadgets
 

Microsoft is urging Windows Vista and Windows 7 users to disable the Sidebar and Gadget features of the operating systems. Desktop Gadgets, originally introduced in Windows Vista, are mini-apps based on HTML that obtain information from web feeds. Microsoft removed the Sidebar part of its Gadgets implementation in Windows 7, but the software maker is now warning that “insecure” Gadgets could allow attackers to run arbitrary code in the context of the current user.

In a security advisory issued earlier this week, the company has provided an automated fix to disable the Windows Sidebar and Gadgets in supported editions of Windows Vista and Windows 7. Described as a workaround, the firm says its temporary fix will “help block known attack vectors before a security update is available.” It’s not immediately clear whether the firm plans to issue a full security update in future that will also disable the Gadgets feature, but its temporary workaround suggests that might be the case.

Microsoft’s security advisory follows a decision by the firm to kill its desktop Gadget support in Windows 8. Although the Consumer and Release Preview editions of Windows 8 include Gadgets, we have been informed by reliable sources that the software giant has decided to axe them in the final edition of Windows 8. Whether this decision is related to the security concerns isn’t clear at this stage. Computerworld reports that researchers are planning to disclose bugs and security vulnerabilities at a Black Hat convention later this month, a move that may have prompted Microsoft’s security advisory.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s