Microsoft warns of security risk concerning Windows Sidebar and Gadgets

Microsoft's security team advises "Disable Windows Sidebar and Gadgets NOW on Vista and Windows 7"

http://nakedsecurity.sophos.com/2012/07/12/disable-windows-sidebar-gadgets/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=fb4d853f07-naked%252Bsecurity

Users of Windows Vista and Windows 7 have been advised to completely disable their Windows Sidebar and Gadgets, in response to what appears to be a serious security risk.

Read about it here :-  http://nakedsecurity.sophos.com/2012/07/12/disable-windows-sidebar-gadgets/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=fb4d853f07-naked%252Bsecurity

 

Microsoft Fix it :-  http://support.microsoft.com/kb/2719662

Reply #1 Top

DX always took care of my gadget needs.  Good info though.

Reply #2 Top

Thanks, coffeegrinder. 

"Clearly Microsoft is worried about the security researchers' findings, and has issued a "Fix It Tool" which will protect Windows 7 and Vista users by entirely disabling the Windows Sidebar and Gadgets functionality.

Yes, that's right. Microsoft hasn't issued a security patch to fix the vulnerability. They're suggesting you completely nuke your Windows Sidebar and Gadgets."

So "Fix it" = "Nuke it".

Unhappy for folks who used them...

 

OT but how about this one?

http://nakedsecurity.sophos.com/2012/07/12/yahoo-voices-hacked/

"This morning, hacker group D33DS Company, published the 453,491 email addresses and passwords online in plain text, in a document marked "Owned and Exposed"."

Yahoo voices hacked. Great.

Reply #3 Top

Haven't used the sidebar since Vista.  :thumbsdown:

Reply #4 Top

So, if MS tells us Windows 7 is a security risk, we are all supposed to jump to Windows 8? It sounds to me like they are trying to scare people into accepting all the lame decisions they make (much like the U.S. government).

Having a PC on the internet at all is a "security risk". I guess I'll trade my PC for a PS3, play offline and be safe.

All the gadgets I use are system monitoring utilities. When SD gets DX to do what they do, and just as well, I'll replace them. Otherwise, I'll give them up when I give up Windows.

Reply #5 Top

Quoting Zubaz, reply 1
DX always took care of my gadget needs.  Good info though.
Now there's a smart guy!!!!

Reply #6 Top

Quoting DrJBHL, reply 2
So "Fix it" = "Nuke it".

Reply #7 Top

Boom!

Reply #8 Top

UVAH !!! :(O

Reply #9 Top

Disabling the sidebar and gadgets is the very first thing I do on a new machine!

Reply #10 Top

Quoting 2of3, reply 9
Disabling the sidebar and gadgets is the very first thing I do on a new machine!

8C   I got attached to it with Vista. I even added a (skinnable) gadget to it that put the Vista style sidebar on Win7.

No meters? Whaddya want, idiot lights on your computer, just like on new cars?   ;)

I've been a "hands on" technician all my life. Pressure, frequency, voltage, amperage, resistance, temperature, if it has it, I have a way of monitoring it. I couldn't function without proper accurate test equipment, I don't expect my computer to either.

Now if the sidebar was just a bunch of RSS feeds, clocks, and search gadgets or limited to what came with Windows, I could do without it.

I never got the hang of sysmetrics. Maybe I should give it another look.

Reply #11 Top

Kind of looks like MS decided not to support the sidebar and gadgets so they scare everyone into nuking it off their system. I was unable to locate anything about the gadgets that shipped with Windows Vista or Windows 7 being a security risk or malicious code.

I understand that 3rd party gadgets could be a risk, but if MS wrote their own, are they now saying they are dangerous?

Is it possible that MS is footing the bill on the feed for their weather gadget and is doing this to cut back on costs?

Jorge seems to be familiar with the weather feed costs and I would love to hear his take on this.

Reply #12 Top

Probably somebody finally realized that since they're basically just miniature browser windows sitting on your desktop, they're prone to all the same vulnerabilities (plus any that may exist in the gadget app data store). If you're only using known safe ones or ones you wrote yourself, the risk is the same as if the only website you visit is microsoft.com...