Pennock's Fiero Forum
  Totally O/T - Archive
  Vista and Win7 gadgets bug

T H I S   I S   A N   A R C H I V E D   T O P I C
  



Vista and Win7 gadgets bug by theogre
Started on: 07-28-2012 10:16 PM
Replies: 5
Last post by: theogre on 07-30-2012 07:47 PM
theogre
Member
Posts: 32520
From: USA
Registered: Mar 99


07-28-2012 10:16 PM
MS and others say that you should eliminate Gadget support because of major bug(s)...
The bug is in the Windows software that runs all Gadgets, not in any gadget itself.

Microsoft Security Advisory (2719662)
Vulnerabilities in Gadgets Could Allow Remote Code Execution

MS Tools to kill/enable Gadget support.

More info (Article dated July 18, 2012) at Windows Secrets.
 
quote
Why gadgets have earned a bad reputation

Gadgets are little snippets of HTML code that work with few rules and no security sandboxing. That’s an open invitation to malicious hackers looking for unguarded entries into Windows.

Although the vulnerability in gadgets has existed for years, two security researchers are shedding some new light on the threat. At next week’s annual hacker gathering in Las Vegas — Black Hat USA 2012 (more info) — Mickey Shkatov and Toby Kohlenberg will deliver their presentation, “We have you by the gadgets.” As is common for Black Hat presentation pre-announcements, there are as yet few details. But Shkatov and Kohlenberg promise, “We will be talking about the Windows gadget platform and what nastiness can be done with it, how are gadgets made, how are they distributed, and, more importantly, their weaknesses. … As a result, there [are] a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets, and the sorts of flaws we have found in published gadgets.”


Security flaws signal early death of Windows Gadgets from ZDnet

Even if you don't use Gadgets, you should disable the feature. The only secure features are dead ones....

Most Gadgets are annoying at best but "all cpu meter" and other utilities from addgadgets.com can be very helpful. I use 2-3 of them...

------------------
Dr. Ian Malcolm: Yeah, but your scientists were so preoccupied with whether or not they could, they didn't stop to think if they should.
(Jurassic Park)


The Ogre's Fiero Cave (It's also at the top and bottom of every forum page...)

17Car
Member
Posts: 482
From: Morrisdale, PA
Registered: Jun 2009


07-28-2012 10:39 PM
I wonder if Rainmeter and the like are similarly insecure?
It would be nice if they could find a way to make some of the widgets secure; I like having my temps/usage up on a second monitor.
TheDigitalAlchemist
Member
Posts: 12743
From: Long Island, NY
Registered: Jan 2012


07-28-2012 11:52 PM
I never liked them in Vista- I felt they ate up too much of the screen, and just slowed things down... Win 7 seems to deal with them better, but I'd rather use an actual 'app' than a 'gadget' or 'widget'...

Hope Windows 8 allows me to continue to tinker

This past week was insane- dealt with so many rootkits, trojans, and "blended attacks"...
theogre
Member
Posts: 32520
From: USA
Registered: Mar 99


07-29-2012 12:47 AM
It doesn't matter what Gadgets are in use... Windows software that runs all gadgets is the problem.

Untrustable gadget/widget framework software + Browser scripts turned on by default = a huge target for drive-by download malware. I use FF w/ NoScript to stop many things...

MS stopped Gadget downloads from MS sites months ago, so a patch/update for Windows is low on the list. The Tools link above is likely the end of it. Win8 doesn't use the Gadget framework... (Play more? PC some, but MS is "betting the farm" that the PC is dying soon and Win8RT is to lock down many things... Win8 on PC sucks big time.)

Yes, I hate Vista's Sidebar setup. Win7 is much better since you can put a gadget anywhere. All CPU and other meters are good and smaller than running Perf Mon etc. (GPU meter has a recent update and can see newer video cards.)

Yahoo stopped supporting their Widget Windows and Mac software too.... Discontinued on April 11, 2012
No press as to why etc... Yahoo is bleeding money but nothing on any win/mac security problems. They are still available for phones and Tablets.
Stubby79
Member
Posts: 7064
From: GFY county, FY.
Registered: Aug 2008


07-29-2012 04:57 AM
Thanks for the tip!
theogre
Member
Posts: 32520
From: USA
Registered: Mar 99


07-30-2012 07:47 PM
 
quote
Originally posted by Stubby79:
Thanks for the tip!

Welcome...

Can be a problem since many of us turn off UAC and run as admin too. But even users could have a problem when the Gadget framework is turned on.

I use VMs when I visit iffy sites, but normal sites run scripts from ad farms etc. and ads have a known malware history... and sites themselves can be hacked too...

If you don't use Gadgets, then turning off Windows' Gadget Framework is a good idea.
If you do... check for a normal app that does the same thing. A lot of apps have skins that look like gadgets...

MS Tools to kill/enable Gadget support.
Just get the two Fix It tools and change the names so they make sense later in case you need to reinstall Windows etc...

[This message has been edited by theogre (edited 07-30-2012).]




All times are ET (US)


Copyright (c) 1999, C. Pennock