The software company has released a security update that shuts off the desktop feature out of concerns that hackers could get into a user’s system.
Microsoft has issued a security advisory urging users to install an update that disables the Sidebar and Gadgets features on Windows Vista and Windows 7 operating systems due to a potential security vulnerability.
The security advisory warns that a hacker could get into a users system through an insecure Gadget running in Sidebar, execute arbitrary code and wreak havoc on the system. The Sidebar, as its name implies, is a section of the desktop real estate that lies to one side of the screen. Gadgets running in Sidebar are various tools, created with small amounts of code, which a user can see at a glance while working on their computer, such as a clock, the local temperature, a news headline feed or a stock ticker.Gadgets installed from untrusted sources can harm your computer and can access your computer's files, show you objectionable content, or change their behavior at any time, Microsoft stated in its security advisory, posted July 10.
Worse yet, if the user of the compromised computer has administrative rights on a network, the hacker could take complete control of the affected system, making it possible for them to install programs, view, change, or delete data, or create new accounts with full user rights, the advisory stated.
The advice to disable Gadgets, for those who still use them, comes shortly before security researchers are scheduled to make a presentation on Gadget vulnerabilities at the annual Black Hat USA 2012 security industry conference beginning July 21 in Las Vegas. On July 26, researchers Mickey Shkatov and Toby Kohlenberg will present We Have You By The Gadgets that will detail the risks.
Microsoft closed the Windows Live Gallery at which users could select Gadgets to run in Sidebar in 2011, so the end of the feature was already preordained.
Because we want to focus on the exciting possibilities of the newest version of Windows, the Windows Website no longer hosts the Gadget gallery, Microsoft explained last year.
Robert Mullins is a freelance writer for eWEEK who has covered the technology industry in Silicon Valley for more than a decade. He has written for several tech publications including Network Computing, Information Week, Network World and various TechTarget titles. Mullins also served as a correspondent in the San Francisco Bureau of IDG News Service and, before that, covered technology news for the Silicon Valley/San Jose Business Journal. Back in his home state of Wisconsin, Robert worked as the news director for NPR stations in Milwaukee and LaCrosse in the 1980s.