Friday01 July 2022

Microsoft Says Sidebar and Desktop Gadgets Are Bad Metro Apps Are Good....

Reading time is around minutes.

So Microsoft finally pushed out a patch that kills of the sidebar and its “offending” gadgets. The news is everywhere as if this is a new story or that the ability of a third party developer to include malicious code is something new as well. The problem is that this is nothing new at all. Microsoft has always had warnings about the dangers of downloading sidebar gadgets since they first appeared in Windows Vista. However, it was always at the user’s own risk if they chose to download and install these and the XML exploit that they talk about is generally mitigated with any type of decent security (like MS Security Essentials).

No, the real reason behind this is the push to get developers of these gadgets to move to developing Metro tiles and Apps. In fact about three months ago after a normal complete reinstall of my main workstation I was searching for one of my favorite gadgets (a remote desktop gadget) and headed over to the Microsoft gallery to grab it. When I hit the page it was no longer available and simply had the message;

“Because we want to focus on the exciting possibilities of the newest version of Windows, the Windows website no longer hosts the gadget gallery.

Gadgets installed from untrusted sources can harm your computer and can access your computer's files, show you objectionable content, or change their behavior at any time. If you are concerned about the safety of gadgets you’ve downloaded in the past, you can learn more about gadgets and steps you can take to protect your PC.”

This pretty much spells it out for you. Microsoft is moving away from the desktop gadget and recommending people disable the sidebar completely. In MSA (Microsoft Security Advisory) 2719662 is says; “Microsoft is announcing the availability of an automated Microsoft Fix it solution that disables the Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7”


Since desktop gadgets are now “bad” you can always wait and get a new form of gadget in the form of MetroUI Apps and Live Tiles. The problem is that they are also vulnerable as a talk scheduled to be held at Blackhat later this month will let you know. While we understand that Microsoft is going to do everything to coax Windows 7 and Vista users (the figure that people holding on to XP are a given) to migrate to Windows 8, we think that claiming that sidebar gadgets are any less secure than Metro Apps is very disingenuous. It makes us wonder what else they are not being all that honest about?

Discuss this in our Forum

Last modified on Wednesday, 11 July 2012 21:21

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.