Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Microsoft Security Bug Software Windows Technology

Microsoft Kills Windows Gadgets Via Security Update 161

Posted by timothy from the cutting-losses dept.
benfrog writes "Microsoft has taken the unusual step of killing the Windows Gadgets feature completely via a security update. According to an advisory issued Tuesday, an attacker could take over a user's system if they are logged in as admin and they install a vulnerable gadget. Microsoft has pulled the plug on its official Gadgets Gallery and is offering a Fix-it that completely disables the Windows Sidebar and Gadgets. Researchers Mickey Shkatov and Toby Kohlenberg are scheduled to give a presentation on the vulnerability at the upcoming Black Hat conference called We Have You By the Gadgets."
This discussion has been archived. No new comments can be posted.

Microsoft Kills Windows Gadgets Via Security Update More

Microsoft Kills Windows Gadgets Via Security Update

Comments Filter:

  • Misinformed Title (Score:5, Informative)

    by Mike Wag ( 2683017 ) on Thursday July 12, 2012 @01:00PM (#40629457)
    Slashdot's title gives the idea that Microsoft is using Windows Update to disable gadgets while in fact they are not. The article, however, is correct so this is just Slashdot trying to be sensationalist.

    What Microsoft is giving is 'Fix It' executable on their website. These are entirely optional and are proactively downloaded and enabled by users. They also contain the full info of what they do.

    As for the "vulnerability", well, duh. You download executable code, you might get pwnd. Even Chrome warns you that addons can pwn your system.

  • Wrong summary (Score:5, Informative)

    by Jennifer Wag ( 2683019 ) on Thursday July 12, 2012 @01:01PM (#40629467)
    Microsoft Windows Update does not remove Windows Gadgets. To remove Windows Gadgets, you need to proceed to Microsoft website and download a Fix-It that can be then used to disable Windows Gadgets on your computer.

  • Re:Uh (Score:5, Informative)

    by Dynamoo ( 527749 ) on Thursday July 12, 2012 @01:06PM (#40629525) Homepage
    The same goes for installing ANY application. This is a stupid knee-jerk reaction.

  • Re:Misinformed Title (Score:5, Informative)

    by Sc4Freak ( 1479423 ) on Thursday July 12, 2012 @01:21PM (#40629691)

    This is a fix-it update, which doesn't appear through windows update and isn't pushed out through WSUS...

  • Re:Uh (Score:5, Informative)

    by Marc Madness ( 2205586 ) on Thursday July 12, 2012 @01:43PM (#40629971)
    The featured article explains with a much less confusing use of pronouns:

    "An attacker who successfully exploited a Gadget vulnerability could run arbitrary code in the context of the current user," company officials said in an advisory issued Tuesday. "If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system."

  • Re:Misinformed Title (Score:5, Informative)

    by mister_playboy ( 1474163 ) on Thursday July 12, 2012 @11:02PM (#40635155)

    You like to complain about others making hyperbolic posts, yet every single post you make is an exaggerated bluster-filled rant.

    Your endless faux outrage is fucking boring. Get a new gimmick and maybe I'll consider reading your comments again.

Slashdot Top Deals

This file will self-destruct in five minutes.

Close