Welcome Guest.   Make a donation to an author on the site August 30, 2014, 01:24:29 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
The N.A.N.Y. Challenge 2011! Download 30+ custom programs!
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: [Security] issues with Vista & Win7 gadgets  (Read 695 times)
tomos
Charter Member
***
Posts: 8,475



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« on: July 19, 2012, 02:44:34 AM »

Via Windows Secrets -
Kill those Vista and Win7 gadgets now!

Apparently there are large security issues with the sidebar, and gadgets in general.

Quote
Although the vulnerability in gadgets has existed for years, two security researchers are shedding some new light on the threat. At next week’s annual hacker gathering in Las Vegas — Black Hat USA 2012 (more info) — Mickey Shkatov and Toby Kohlenberg will deliver their presentation, “We have you by the gadgets.” As is common for Black Hat presentation pre-announcements, there are as yet few details. But Shkatov and Kohlenberg promise, “We will be talking about the Windows gadget platform and what nastiness can be done with it, how are gadgets made, how are they distributed, and, more importantly, their weaknesses. … As a result, there [are] a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets, and the sorts of flaws we have found in published gadgets.”

Microsoft have a fix if you want to disable them all:
http://support.microsoft.com/kb/2719662
Logged

Tom
IainB
Supporting Member
**
Posts: 4,632


Slartibartfarst

see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #1 on: July 27, 2012, 10:35:23 AM »

Just a belated thanks for posting this.
I have disabled the gadgets on 2 laptops, using the disable FixIt on Microsoft's website.
I have also disabled the gadget service's communication via Windows 7 Firewall Control.
Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.033s | Server load: 0.11 ]