Main Area and Open Discussion > Living Room

[Security] issues with Vista & Win7 gadgets

(1/1)

tomos:
Via Windows Secrets -
Kill those Vista and Win7 gadgets now!

Apparently there are large security issues with the sidebar, and gadgets in general.

Although the vulnerability in gadgets has existed for years, two security researchers are shedding some new light on the threat. At next week’s annual hacker gathering in Las Vegas — Black Hat USA 2012 (more info) — Mickey Shkatov and Toby Kohlenberg will deliver their presentation, “We have you by the gadgets.” As is common for Black Hat presentation pre-announcements, there are as yet few details. But Shkatov and Kohlenberg promise, “We will be talking about the Windows gadget platform and what nastiness can be done with it, how are gadgets made, how are they distributed, and, more importantly, their weaknesses. … As a result, there [are] a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets, and the sorts of flaws we have found in published gadgets.”
--- End quote ---

Microsoft have a fix if you want to disable them all:
http://support.microsoft.com/kb/2719662

IainB:
Just a belated thanks for posting this.
I have disabled the gadgets on 2 laptops, using the disable FixIt on Microsoft's website.
I have also disabled the gadget service's communication via Windows 7 Firewall Control.

Navigation

[0] Message Index