Vista feed gadget not updating

04-Apr-2020 22:31

A security advisory issued by Microsoft’s security team advises that vulnerabilities exist that could allow malicious code to be executed via the Windows Sidebar when running insecure Gadgets.The warning comes ahead of a talk scheduled for Black Hat later this month by Mickey Shkatov and Toby Kohlenberg.

In its Security Advisory 2719662, Microsoft also thanked Mickey Shkatov and Toby Kohlenberg for working with them on this issue.

John Corpuz flip-flopped between computer science and creative writing courses in school.

As a contributor to Tom's Guide he's found a happy middle ground writing about apps, mobile gaming and other geekery.

If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system.

An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In its Security Advisory 2719662, Microsoft also thanked Mickey Shkatov and Toby Kohlenberg for working with them on this issue.

John Corpuz flip-flopped between computer science and creative writing courses in school.

As a contributor to Tom's Guide he's found a happy middle ground writing about apps, mobile gaming and other geekery.

If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system.

An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Clearly Microsoft is worried about the security researchers’ findings, and has issued a “Fix It Tool” which will protect Windows 7 and Vista users by entirely disabling the Windows Sidebar and Gadgets functionality. Microsoft hasn’t issued a security patch to fix the vulnerability.