Microsoft has made available a small fix that disables all gadgets and disables the “sidebar” engine that runs the gadgets in Windows Vista and Windows 7, amid unspecified security vulnerabilities that have come up. Gadgets were originally introduced with Windows Vista back in 2007.
“The purpose of this advisory is to notify customers that Microsoft is aware of vulnerabilities in insecure Gadgets affecting the Windows Sidebar on supported versions of Windows Vista and Windows 7,” Microsoft explained in a security warning. “The deprecation of gadgets and the sidebar is interesting. Gadgets are not much used for business, so if you don’t use it, get rid of it. That’s one of the best ways to reduce your attack profile,” said Jason Miller, manager of research and development at VMware.
Windows Gadgets never really caught on with users and it has become no surprise that Microsoft has announced recently it was pulling support of gadgets from Windows 8. On top of that, the company retired the Windows Live Gallery which was a source for desktop gadgets.
Security researchers are planning to disclose vulnerabilities in Windows Gadgets at a convention called “Black Hat” later this month, which has prompted Microsoft to release this security advisory.Microsoft, Security, Windows