Windows Sidebar Protection update for Windows Vista

Article translations Article translations
Article ID: 941411 - View products that this article applies to.
Expand all | Collapse all

On This Page

SUMMARY

This article documents the Windows Sidebar Protection update that was made to the Windows Sidebar for Windows Vista. The update was made to allow for the Windows Sidebar to perform the following actions:
  • Generate unique identifiers for all gadgets that run in the Windows Sidebar
  • Receive a list of known vulnerable gadgets from Microsoft by using Windows Update
  • Stop a gadget from running in the Windows Sidebar if the gadget has been determined to be vulnerable
  • Stop a gadget from being installed if the gadget has been determined to be vulnerable
The list of known vulnerable gadgets is released by Microsoft on the Windows Update Web page in the Windows Sidebar Protection update. The update prevents vulnerable gadgets from being installed or from running if the gadget is already installed.

For more information about the latest service pack for Windows Vista, click the following article number to view the article in the Microsoft Knowledge Base:
935791 How to obtain the latest Windows Vista service pack

MORE INFORMATION

User experience when a gadget is installed that has the Windows Sidebar Protection update applied

Previously, when a user tried to install a gadget from the Web, the user would see one of the following dialog boxes, depending on whether the gadget's publisher was identifiable:

Collapse this imageExpand this image
 Figure 1 Sidebar installation dialog box for gadgets that have unknown publishers

Figure 1 Sidebar installation dialog box for gadgets that have unknown publishers

Collapse this imageExpand this image
 Figure 2 Sidebar installation dialog box for gadgets that have known publishers

Figure 2 Sidebar installation dialog box for gadgets that have known publishers

After the update is installed, when a user tries to install a vulnerable gadget from the Web, and the gadget is blocked by Windows Sidebar Protection, the user will also see the following dialog box:

Collapse this imageExpand this image
 Figure 3 A gadget that has been blocked

Figure 3 A gadget that has been blocked

This dialog box informs the user that the gadget has been blocked because it is a security risk to the computer.

The "More information" section of the Windows Sidebar Security dialog box

The More information section of the Windows Sidebar Security dialog box contains the following fields:
  • More information
    Provides a link to this Microsoft Knowledge Base (KB) article
  • Support
    Provides a link to a KB article that identifies where to obtain the updated (secure) gadget

User experience when a running gadget has the Windows Sidebar Protection update applied

If the gadget is running, Windows Sidebar Protection stops the gadget. Additionally, Windows Sidebar Protection prevents the gadget from running again. When the gadget is blocked, a dialog box appears to inform the user. If the gadget is not running when the Windows Sidebar Protection update is installed, the gadget is prevented from running again.

Collapse this imageExpand this image
 Figure 4 Dialog box that appears when a running gadget is blocked

Figure 4 Dialog box that appears when a running gadget is blocked

When a gadget is blocked during installation or blocked from running, the user is notified that the gadget can no longer be run in the following Gadget Gallery dialog box:

Collapse this imageExpand this image
 Figure 5 Gadget Gallery that displays the blocked gadget

Figure 5 Gadget Gallery that displays the blocked gadget
  • The gadget icon in the Gadget Gallery is unavailable. This unavailable (dimmed) icon is located in the place where the gadget's icon previously existed.
  • If the user hovers the mouse pointer over the gadget icon, a tooltip is displayed that describes that the gadget is a security risk.
  • The dimmed icons cannot be dragged.
  • If the user clicks the gadget icon one or more times, the following events occur:
    • The details section of the Gadget Gallery is expanded if it is currently collapsed.
    • The same tooltip is displayed prominently in the Gadget Gallery's details area. The tooltip describes that the gadget is a security risk.
    • The gadget's name and the Windows Vista security risk icon appear in the Gadget Gallery, as shown in Figure 5.
For more information about the Windows Sidebar Protection update, click the following article number to view the article in the Microsoft Knowledge Base:
943411 Microsoft Security Advisory: Update to improve Windows Sidebar Protection
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.

Properties

Article ID: 941411 - Last Review: July 1, 2010 - Revision: 3.0
APPLIES TO
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business 64-bit Edition
  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Ultimate
  • Microsoft Security Essentials
Keywords: 
kbvistasp1fix kbinfo kbexpertiseinter kbhowto kbgraphxlink KB941411

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com