Microsoft warns of security risk concerning Windows Sidebar and Gadgets

Microsoft's security team advises " Disable Windows Sidebar and Gadgets NOW on Vista and Windows 7 "

Thursday, July 12, 2012 by coffeegrinder | Discussion: Personal Computing

Users of Windows Vista and Windows 7 have been advised to completely disable their Windows Sidebar and Gadgets, in response to what appears to be a serious security risk.

Read about it here :-  http://nakedsecurity.sophos.com/2012/07/12/disable-windows-sidebar-gadgets/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=fb4d853f07-naked%252Bsecurity

 

Microsoft Fix it :-  http://support.microsoft.com/kb/2719662

12 Reply 16 Referrals
ZubaZ
Reply #1 Thursday, July 12, 2012 9:07 AM

DX always took care of my gadget needs.  Good info though.


DrJBHL
Reply #2 Thursday, July 12, 2012 9:10 AM

Thanks, coffeegrinder. 

"Clearly Microsoft is worried about the security researchers' findings, and has issued a "Fix It Tool" which will protect Windows 7 and Vista users by entirely disabling the Windows Sidebar and Gadgets functionality.

Yes, that's right. Microsoft hasn't issued a security patch to fix the vulnerability. They're suggesting you completely nuke your Windows Sidebar and Gadgets."

So "Fix it" = "Nuke it".

Unhappy for folks who used them...

 

OT but how about this one?

http://nakedsecurity.sophos.com/2012/07/12/yahoo-voices-hacked/

"This morning, hacker group D33DS Company, published the 453,491 email addresses and passwords online in plain text, in a document marked "Owned and Exposed"."

Yahoo voices hacked. Great.


Island Dog
Reply #3 Thursday, July 12, 2012 9:13 AM

Haven't used the sidebar since Vista. 


Wizard1956
Reply #4 Thursday, July 12, 2012 9:38 AM

So, if MS tells us Windows7 is a security risk, we are all supposed to jump to Windows 8? It sounds to me like they are tryng to scare people into accepting all the lame decisions they make.(much like the U.S. government)

Having a PC on the internet at all is a "security risk"  I guess I'll trade my PC for a PS3, play offline and be safe.

All the gadgets I use are system monitoring utilities. When SD gets DX to do what they do, and just as well, I'll replace them. Otherwise, I'll give them up when I give up Windows.


RedneckDude
Reply #5 Thursday, July 12, 2012 11:27 AM

Zubaz
reply 1
DX always took care of my gadget needs.  Good info though.
Now there's a smart guy!!!!


Rosco_P
Reply #6 Thursday, July 12, 2012 1:10 PM

DrJBHL
reply 2
So "Fix it" = "Nuke it".


Uvah
Reply #7 Thursday, July 12, 2012 1:30 PM

Boom!


neone6
Reply #8 Thursday, July 12, 2012 2:35 PM

UVAH !!!


2of3
Reply #9 Thursday, July 12, 2012 2:59 PM

Disabling the sidebar and gadgets is the very first thing I do on a new machine!


Wizard1956
Reply #10 Thursday, July 12, 2012 3:36 PM

2of3
reply 9
Disabling the sidebar and gadgets is the very first thing I do on a new machine!

  I got attached to it with Vista. I even added a (skinnable) gadget to it that put the Vista style sidebar on Win7.

No meters? Whaddya want, idiot lights on your computer, just like on new cars?  

 I've been a "hands on" technician all my life. Pressure, frequency, voltage, amperage, resistance, temperature, if it has it, I have a way of monitoring it. I couldn't function without proper accurate test equipment, I don't expect my computer to either.

Now if the sidebar was just a bunch of RSS feeds , clocks, and  search gadgets or limited to what came with Windows, I could do without it.

I never got the hang of sysmetrics. Maybe I should give it another look.


CarGuy1
Reply #11 Thursday, July 12, 2012 6:57 PM

Kind of looks like MS decided not to support the sidebar and gadgets so they scare everyone into nuking it off their system. I was unable to locate anything about the gadgets that shipped with Windows Vista or Windows 7 being a security risk or malicious code.

I understand that 3rd party gadgets could be a risk, but If MS wrote their own, are they now saying they are dangerous?

Is it possible that MS is footing the bill on the feed for their weather gadget and are doing this to cut back on costs? 

Jorge seems to be familiar with the weather feed costs and I would love to hear his take on this.


kryo
Reply #12 Thursday, July 12, 2012 8:10 PM

Probably somebody finally realized that since they're basically just miniature browser windows sitting on your desktop, they're prone to all the same vulnerabilities (plus any that may exist in the gadget app data store). If you're only using known safe ones or ones you wrote yourself, the risk is the same as if the only website you visit is microsoft.com...


Please login to comment and/or vote for this skin.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

  • Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
  • Access to a great community, with a massive database of many, many areas of interest.
  • Access to contests & subscription offers like exclusive emails.
  • It's simple, and FREE!
Login

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
Copyright © Stardock Corporation. All Rights Reserved.


web-wc01