Microsoft Advises Users of Windows 7 and Vista to Disable Desktop Gadgets
In a security advisory released yesterday, Microsoft advised Windows 7 and Vista users to disable their Windows Sidebar and Gadgets. The company warned that insecure gadgets could be used to run arbitrary code on a computer.
To disable them, Microsoft has made available a utility in the form of a Microsoft Fix it download. The Fix it Wizard will guide the user on how to apply the patch to address this vulnerability.
For users who do not want to utilize this solution, there is a manual way to disable the Windows Sidebar and Gadgets via Group Policy that is available on supported Windows operating systems like Windows Vista Business, Enterprise and Ultimate as well as Windows 7 Professional, Enterprise and Ultimate.
To disable Sidebar in Group Policy, follow these steps:
- Click Start, click Run, type "gpedit.msc", and then click Continue.
- Under Local Computer Policy\Computer Configuration double click Administrative Templates, double click Windows Components, and then double click Windows Sidebar.
- Change the value of the Turn off Windows Sidebar setting to Enabled:
- Right click on Turn off Windows Sidebar.
- Select Properties from the menu.
- Select the Enabled radio button.
- You must Log Off your system or close the sidebar.exe process after you apply this workaround.
For consumer versions of Windows 7 and Vista (Starter and Home Basic or Home Premium versions), users of these operating systems will have to use the Fix it solution mentioned above.
According to Computerworld, it speculated this security advisory is a preemptive by the company in response to an upcoming presentation at Black Hat, the annual security conference held in Las Vegas. Two presenters are scheduled to present their research on gadget flaws and exploits on July 26 at the conference.