Skip to main content

Microsoft warns Windows users to disable features in light of security vulnerability

Windows gadgets
Windows Gadgets are opening the virtual doors to attackers
Audio player loading…

With the "internet doomsday virus" known as DNSChanger finally dealt with this week, Windows PC users may feel relatively secure.

That sense of security is false, though, as Microsoft now warns users that cyber-criminals could have a new means of accessing their personal data.

Microsoft urges Windows Vista and Windows 7 users to disable the Sidebar and Gadget features of their operating systems, as they've recently learned that "insecure" Gadgets can allow hackers in.

Vulnerable Gadgets offer attackers the opportunity to execute arbitrary code on a user's PC, potentially allowing them to hijack the Gadget and ascertain information from the user's system, or even take control of their computer for nefarious purposes.

Go-go-gadgets

Gadgets were originally introduced in Windows Vista, and the feature made it over to Windows 7 as well, though without the Sidebar function present in Vista.

Gadgets are essentially simple HTML desktop apps that pull data from web feeds.

The mini-apps will not return in Windows 8, despite being present in the Consumer and Release Preview editions of Microsoft's new OS, and now it appears there's a good reason for that.

Microsoft's provided a temporary fix

It's unknown whether a specific incident prompted Microsoft's warning.

But thanks to the company's temporary fix, users won't have to find out for themselves whether their systems are vulnerable.

In a security advisory posted on Tuesday, Microsoft provides an automated fix that will "help block known attack vectors before a security update is available" by automatically disabling Gadgets and the Sidebar in compatible versions of Windows.

Their wording suggests that a more permanent fix is on the way.

Via The Verge

Michael Rougeau is a former freelance news writer for TechRadar. Studying at Goldsmiths, University of London, and Northeastern University, Michael has bylines at Kotaku, 1UP, G4, Complex Magazine, Digital Trends, GamesRadar, GameSpot, IFC, Animal New York, @Gamer, Inside the Magic, Comic Book Resources, Zap2It, TabTimes, GameZone, Cheat Code Central, Gameshark, Gameranx, The Industry, Debonair Mag, Kombo, and others.


Micheal also spent time as the Games Editor for Playboy.com, and was the managing editor at GameSpot before becoming an Animal Care Manager for Wags and Walks.