Helping people with computers... one answer at a time.
There is some truth to rumors about security vulnerabilities in Windows gadgets. Perhaps, it's time to start looking for something else.
I just got some advice from Windows Secrets (another newsletter to which I subscribe) that says Windows gadgets are a potential security threat. I use several and I find them very handy. Do you agree that we should get rid of them? I'm using PCs with both Vista and Win 7. I'm firewalled and have Norton Internet Security as well as Malwarebytes. I regularly update them as well as my operating system.
In this excerpt from Answercast #42, I look at those fancy gadgets that have been showing on computers since Vista and why they're potential security vulnerabilities.
I have heard the issue about gadgets and my sense is two things. One is that:
There is, in fact, a vulnerability in the Microsoft implementation of how gadgets interface to Windows.
That vulnerability could apparently be exploited by malware.
The solution is to turn off support for gadgets completely.
In one sense, that makes me feel that yes, this is a legitimate threat; it's an unpatched vulnerability; the world knows about it. We should be taking steps.
On the other hand,
Gadgets are nothing more than computer programs that you use and you run everyday.
We all install and run computer programs.
Malware frequently appears as computer programs that we inadvertently run and install... whether they take advantage of a vulnerability in gadgets or not:
If you can avoid that (in other words, if you're good about avoiding, downloading, or inadvertently installing malware on your machine), I'm not sure that there's a high incremental benefit to disabling gadgets – particularly if gadgets are something you rely on.
Now, the most secure solution? Absolutely:
Live without your gadgets. (There's an argument for doing that, that I'll get to in a moment.)
So, in the absolute securest sense – sure go ahead and disable them. Aside from losing the gadget functionality (that, in your case, you happen to like), you're not really losing anything else.
And to be honest from what I've seen, most people don't really use gadgets that much.
Now, the thing I alluded to is that there is a sense that gadgets are possibly going away.
They were very prominent in Windows Vista;
They are not nearly as prominent in Windows 7;
And it's unclear whether they will be present, or if they'll be present in the same form in Windows 8 or beyond.
It's very possible that in the long term, Microsoft may not be that interested in supporting gadgets into the future. I do expect (or at least hope) that they're going to fix this particular vulnerability – because it is a vulnerability. It's a security issue and they should fix it.
But long term, now might be a good time to see exactly what it means to have a life without gadgets and what alternatives are out there for the various gadgets that you're using today.
In reality, there are alternatives:
If you want a clock on your desktop, there are clocks you can get for your desktop.
If you want windows to scroll pictures, you can get applications that will do that kind of thing for you.
So there's nothing really so special about gadgets that makes them particularly valuable – or more importantly, irreplaceable.
So, my suggestion is (if you're truly worried about security) go ahead and follow the instructions to disable them. Windows Secrets has the information on that. They're a good source of information and highly respected.
If you are secure enough in your own ability to avoid malware and really feel you want to keep your gadgets, then carry on. Be careful, but carry on.
And finally, if you are aware of and get the sense (as I do) that gadgets
are going away over time, you may want to use this as that opportunity to wean
yourself off of their functionality and find some other alternatives.
Next from Answercast 42 – Do I need to worry about memory fragmentation?
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.