Windows Gadgets. Yes or No?

[dubya89]

Dled these 2 gadgets from here:

http://www.myfavoritegadgets.info/clngdt04/CleanDownload.html

which are the same files hosted on softpedia.

scanned both files and found no virus:

https://www.virustotal.com/en/file/...1974636784b52f4bd61062e8/analysis/1399459303/

https://www.virustotal.com/en/file/...582109750049a7e43e00d80a/analysis/1399459294/

SO it's it safe to run these or do they have vulnerabilities ?

https://technet.microsoft.com/library/security/2719662

 

[HarriePateman]

I cant see any problems with them.

 

[Alejandro85]

It's really difficult to tell just by the technet article, since it gives little details on what the vulnerabilities actually are, it just states that disabling gadgets altogether is the recommended solution, but far from ideal in the real world.

My impression based on the few indications given on the two points from the article are that the gadget can either run arbitrary code from inside the computer or it might be commanded to do so from an attacker.

Your virus scan probably says local execution is safe, but for the outside "attacker" I think you can mitigate that eventual hole by firewalling sidebar.exe off the internet to be extra sure.

Other than that, together with usual precautions of low privileges/antivirus/firewall/common sense, I don't see anything bad with it, as long as you trust the author.

 

[andrew129260]

Via the white paper here:

http://media.blackhat.com/bh-us-12/...nberg_Blackhat_Have_You_By_The_Gadgets_WP.pdf

The vulnerability involves the fact that any gadget that connects to the internet can be compromised, and gain control over the system. So for example, the built in windows 7 cpu gadget is not vulnerable, but the weather gadget is.

There has not been any wide or known history of this being used in the wild however. But it can be done. Third party gadgets are more vulnerable due to the fact that they are not typically built with security in mind.

An easy way to avoid the vulnerabilities if you are worried, is to use turn off gadgets in turn windows features on or off in the control panel under programs and features. Then uncheck gadgets, click OK and restart.

Microsoft also has a patch about it, which can be found here:

Microsoft Security Advisory: Vulnerabilities in Gadgets could allow remote code execution

Here is the interesting bit though:

If this vulnerability is bad like it states, why is it not offered in windows update? That my friends, is the real question. It is not even offered in the optional updates.

Due to this, I think the likely hood of this attack being carried out is a small risk, and I use gadgets.

Remember though: Nothing is 100% secure. Just because you disable gadgets, does not mean there is not another way into your pc. But if you are paranoid and want to be as safe as possible, disable them.