Microsoft released an update for currently supported editions of Windows Vista that will protect gadget users.
Gadgets are mini-applications designed to provide the user with information or utilities. Windows Vista treats gadgets like it treats all executable code. Gadgets are written using HTML and script, but this HTML is not located on an arbitrary remote server as Web pages are. HTML content in the gadget is downloaded first as part of a package of resources and configuration files and then executed from the local computer. This download process is similar to the process for applications (.exe files) downloaded from the Internet.
The update does not block any specific gadget from running in Windows Sidebar but it enables Windows Sidebar to help protect against future potential security vulnerabilities in gadgets.
After the update is installed, when a user tries to install a vulnerable gadget from the Web, it will be blocked.