Helping people with computers... one answer at a time.

There is some truth to rumors about security vulnerabilities in Windows gadgets. Perhaps, it's time to start looking for something else.

I just got some advice from Windows Secrets (another newsletter to which I subscribe) that says Windows gadgets are a potential security threat. I use several and I find them very handy. Do you agree that we should get rid of them? I'm using PCs with both Vista and Win 7. I'm firewalled and have Norton Internet Security as well as Malwarebytes. I regularly update them as well as my operating system.

In this excerpt from Answercast #42, I look at those fancy gadgets that have been showing on computers since Vista and why they're potential security vulnerabilities.

Gadget security

I have heard the issue about gadgets and my sense is two things. One is that:

  • There is, in fact, a vulnerability in the Microsoft implementation of how gadgets interface to Windows.

  • That vulnerability could apparently be exploited by malware.

  • The solution is to turn off support for gadgets completely.

In one sense, that makes me feel that yes, this is a legitimate threat; it's an unpatched vulnerability; the world knows about it. We should be taking steps.

On the other hand,

  • Gadgets are nothing more than computer programs that you use and you run everyday.

  • We all install and run computer programs.

Malware is invited in

Malware frequently appears as computer programs that we inadvertently run and install... whether they take advantage of a vulnerability in gadgets or not:

  • It's our act of inviting them onto our system that allows them to do the bad things that they do.

If you can avoid that (in other words, if you're good about avoiding, downloading, or inadvertently installing malware on your machine), I'm not sure that there's a high incremental benefit to disabling gadgets – particularly if gadgets are something you rely on.

Absolute security

Now, the most secure solution? Absolutely:

  • Disable them.

  • Live without your gadgets. (There's an argument for doing that, that I'll get to in a moment.)

So, in the absolute securest sense – sure go ahead and disable them. Aside from losing the gadget functionality (that, in your case, you happen to like), you're not really losing anything else.

And to be honest from what I've seen, most people don't really use gadgets that much.

Life without gadgets

Now, the thing I alluded to is that there is a sense that gadgets are possibly going away.

  • They were very prominent in Windows Vista;

  • They are not nearly as prominent in Windows 7;

  • And it's unclear whether they will be present, or if they'll be present in the same form in Windows 8 or beyond.

It's very possible that in the long term, Microsoft may not be that interested in supporting gadgets into the future. I do expect (or at least hope) that they're going to fix this particular vulnerability – because it is a vulnerability. It's a security issue and they should fix it.

But long term, now might be a good time to see exactly what it means to have a life without gadgets and what alternatives are out there for the various gadgets that you're using today.

Gadget alternatives

In reality, there are alternatives:

  • If you want a clock on your desktop, there are clocks you can get for your desktop.

  • If you want windows to scroll pictures, you can get applications that will do that kind of thing for you.

  • So there's nothing really so special about gadgets that makes them particularly valuable – or more importantly, irreplaceable.

So, my suggestion is (if you're truly worried about security) go ahead and follow the instructions to disable them. Windows Secrets has the information on that. They're a good source of information and highly respected.

If you are secure enough in your own ability to avoid malware and really feel you want to keep your gadgets, then carry on. Be careful, but carry on.

And finally, if you are aware of and get the sense (as I do) that gadgets are going away over time, you may want to use this as that opportunity to wean yourself off of their functionality and find some other alternatives.

Article C5674 - August 8, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

4 Comments
Frank H.
August 10, 2012 10:00 PM

Is an external modem considered a gadget? Since my DSL connected modem is on24 hours a day, I decided to disconnect it nightly just to dissipate some of the heat in the darned thing.
Am I damaging it?

snert
August 11, 2012 1:59 AM

There's part of an old song that goes like this "I got along without ya before I met ya and I can get along with out ya now." That's how I feel about gadgets. They aren't essential.

Hilary
August 11, 2012 4:42 AM

I can't do without Sticky Notes--or something approximating them. What C: drive Windows *accessory* (not gadget) will open in Truecrypt? Thank you.

I don't know. Basically any accessory that allows you to configure where it stores its data. Simply configure that storage to be the mounted TrueCrypt volume. I don't expect many small apps to allow you to do so, however.
Leo
11-Aug-2012

Mark J
August 11, 2012 8:17 AM

@Frank
In the original meaning of the word everything electronic is a gadget. Nowadays gadget has a few meanings, most commonly now, it means smart phone, tablets, gaming devices etc. The meaning referred to in the article is something completely different. Gadget, in this case, means a little program which appear in a small area on your Windows desktop. The vulnerability problem discussed refers to this kind of Gadget.
As for turning off your modem, the answer isn't so clear cut. There is some wear and tear caused be turning it off and on, but there is also the wear and tear caused by leaving it running. So the answer is a definite maybe.
This article discusses whether you should turn your computer off at night, but it applies in a similar manner to most devices. Should I turn my computer off at night?

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.