Skip to main content

Microsoft warns Windows users to disable features in light of security vulnerability

Windows gadgets
Windows Gadgets are opening the virtual doors to attackers

With the "internet doomsday virus" known as DNSChanger finally dealt with this week, Windows PC users may feel relatively secure.

That sense of security is false, though, as Microsoft now warns users that cyber-criminals could have a new means of accessing their personal data.

Microsoft urges Windows Vista and Windows 7 users to disable the Sidebar and Gadget features of their operating systems, as they've recently learned that "insecure" Gadgets can allow hackers in.

Vulnerable Gadgets offer attackers the opportunity to execute arbitrary code on a user's PC, potentially allowing them to hijack the Gadget and ascertain information from the user's system, or even take control of their computer for nefarious purposes.


Gadgets were originally introduced in Windows Vista, and the feature made it over to Windows 7 as well, though without the Sidebar function present in Vista.

Gadgets are essentially simple HTML desktop apps that pull data from web feeds.

The mini-apps will not return in Windows 8, despite being present in the Consumer and Release Preview editions of Microsoft's new OS, and now it appears there's a good reason for that.

Microsoft's provided a temporary fix

It's unknown whether a specific incident prompted Microsoft's warning.

But thanks to the company's temporary fix, users won't have to find out for themselves whether their systems are vulnerable.

In a security advisory posted on Tuesday, Microsoft provides an automated fix that will "help block known attack vectors before a security update is available" by automatically disabling Gadgets and the Sidebar in compatible versions of Windows.

Their wording suggests that a more permanent fix is on the way.

Via The Verge