Microsoft fix kills Windows Gadgets, warns it could lead to PC hijacks | Ars Technica
InfoWorldWhile Microsoft has a vested interest in getting Windows customers to move to Windows 8, many people figure they aren't going to be upgrading any time soon. So why, they ask, should they ditch Gadgets they've been using for years, when there haven't been any major warnings -- much less infections -- until now?
Time to kill (most) Windows Gadgets | InfoWorld
As far as I can see, the real issue was that people were installing Gadgets that constantly interacted with the Internet.
IMO, the timing was too convenient.
MS eliminated the Start Menu code (after W8 DP) when they found out that people were using a Registry setting to restore it, to force people to use the Start Screen.
I suspect their telemetry showed that people then started installing Start Menu replacements.
So then they
eliminated"made a lot of noise" about Gadgets to "force" people to use Live Tiles, which meant you had to use the Start Screen.
Last edited by lehnerus2000; 26 Oct 2014 at 23:02. Reason: Clarification
I don't think they eliminated gadgets. They are still a very popular feature in an OS whose popularity has never been higher. While they refused to fix the rendering problems in IE11 because of insisting they are no longer supported, they have not been disabled and millions still use them.
There are nearly identical gadgets with many more selections added that are available for 8 + 10 at 8GadgetPack - Gadgets for Windows 8. I'm using them now.
I meant that they "made a lot of noise" about them (just like Secure Boot).
More accurately, a lot of blogs suddenly ran articles about it and by that, I mean Chicken-Little-style noise ("The sky is falling!").
MS doesn't supply them any more.
When you say restored, do you mean a full restore off a boot disk or just restoring within the OS.[/QUOTE]
When I say that I restored twice I mean that I restored using a System Image file that I had created.
I have made 8 image files so far about one every other day.
I have now restored 4 times.
To make the System Image files I use, EaseUS TODO backup.
It's very easy to use and takes about 15 minutes to make an image of my C:\Windows 10 partition.
It takes about the same amount of time to restore it.
Before I make the Image File I run Malwarebytes, CCleaner, and defrag the files on the disk using Defraggler.
So when I restore it I'm right back where I was.
I don't install any of the software in the C:\ drive, I created a folder on another drive "Windows 10 software and image backups" so that I keep the size of the backup down to about 17 Gigabytes.
Here's a link to the backup software...
Best free backup software - EaseUS Todo Backup Free
Easiest backup software to use and it's FREE.
It's never failed to work for me.
BTW, MS also warned that 3rd party Gadgets were problematic in October 2013.
The InfoWorld article describes what the issue was (SOP - dodgy coding):InfoWorldWhile Gadgets work a lot like Web pages, running on the desktop, they aren't subject to many of the restrictions that normal Web pages encounter. Shaktov and Kohlenberg give one frightening example: By default, Gadgets can call up any ActiveX control. Gadgets run with standard user privileges and are prohibited from requesting UAC approval for any Administrator actions -- but the Gadget can run a locally installed application, and that application can raise a UAC prompt.
Perhaps the biggest vulnerability lies in the way Gadgets are given free rein when interacting with the Internet. Browsers have built-in protection against cross-domain hijacking, code injection, or man-in-the-middle attacks. Gadgets don't have any of that protection.
More damning, antivirus products aren't particularly adept at identifying malicious Gadgets. "[B]y design a gadget can perform actions exactly like a traditional compiled executable but operate under a completely different scope within the Sidebar process. Simply put, a gadget can do all that an executable can, without being considered as executable by the antivirus software," according to Shaktov and Kohlenberg's paper.
Time to kill (most) Windows Gadgets | InfoWorld
That info indicates that it should have been obvious from "Day 1" that the (security) model was broken.
An embarrassing oversight, since MS put a lot of work (or claimed that they had) into the Vista and W7 security.
They put a lot of effort into taming ActiveX in Internet Explorer, but ignored it elsewhere?
It should be okay. Anyone can use gadgets..... AT THEIR OWN RISK.
to all xp win 7 and windows8 users myself a windows 7 user bought new laptop 12 months ago with windows 8 preinstalled used for 3 weeks hated windows 8 so installed windows 7 I thought I will never give up windows7 then when windows tec preview was released I tried it after 2 days installed it as clean install over win 7 then installed new build 9860 wow if this was the final version of wind 10 I would buy it today I am not a windows fanboy just a novice 7 year casual user believe me microsoft has a massive hit on their hands.ps I forgot the Vista garbage that I swopped for xp