[Security] issues with Vista & Win7 gadgets - DonationCoder.com
Welcome Guest.   Make a donation to an author on the site August 04, 2015, 12:57:03 PM  *

Please login or register.
Or did you miss your validation email?

Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.

You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
Your Support Funds this Site: View the Supporter Yearbook.
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: [Security] issues with Vista & Win7 gadgets  (Read 830 times)
Charter Member
Posts: 9,415

see users location on a map View Profile Give some DonationCredits to this forum member
« on: July 19, 2012, 02:44:34 AM »

Via Windows Secrets -
Kill those Vista and Win7 gadgets now!

Apparently there are large security issues with the sidebar, and gadgets in general.

Although the vulnerability in gadgets has existed for years, two security researchers are shedding some new light on the threat. At next week’s annual hacker gathering in Las Vegas — Black Hat USA 2012 (more info) — Mickey Shkatov and Toby Kohlenberg will deliver their presentation, “We have you by the gadgets.” As is common for Black Hat presentation pre-announcements, there are as yet few details. But Shkatov and Kohlenberg promise, “We will be talking about the Windows gadget platform and what nastiness can be done with it, how are gadgets made, how are they distributed, and, more importantly, their weaknesses. … As a result, there [are] a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets, and the sorts of flaws we have found in published gadgets.”

Microsoft have a fix if you want to disable them all:

Supporting Member
Posts: 5,384


see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #1 on: July 27, 2012, 10:35:23 AM »

Just a belated thanks for posting this.
I have disabled the gadgets on 2 laptops, using the disable FixIt on Microsoft's website.
I have also disabled the gadget service's communication via Windows 7 Firewall Control.
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.037s | Server load: 0.1 ]

Share on Facebook
submit to reddit