Security alert for Windows7 and Vista users
I subscribe to a couple of Window users sites and apparently Windows “gadgets” are not protected against malware and need to be disabled urgently
At next week’s annual hacker gathering in Las Vegas — Black Hat USA 2012 (more info) — Mickey Shkatov and Toby Kohlenberg will deliver their presentation, “We have you by the gadgets.” As is common for Black Hat presentation pre-announcements, there are as yet few details. But Shkatov and Kohlenberg promise, “We will be talking about the Windows gadget platform and what nastiness can be done with it, how are gadgets made, how are they distributed, and, more importantly, their weaknesses. … As a result, there [are] a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropria! ting legitimate gadgets, and the sorts of flaws we have found in published gadgets.”
Much to their credit, Shkatov and Kohlenberg have been in talks with Microsoft, apparently divulging some of their findings. (The point of Black Hat is to reveal detailed information on how new security exploits work, thus pushing software developers into rapidly patching their code.)
More details at WindowsSecrets.com.