When you try to install a gadget on a Windows Vista-based computer, you are prompted with a Windows Sidebar – Security Warning dialog box that contains the publisher information for the gadget. When you click the publisher name and view the certificate information, you may see the following message even though the time stamp indicates that the certificate has not expired:

This certificate has expired or is not yet valid.


Windows Sidebar no longer appears on the desktop. When you click the Windows Sidebar icon or try to run the program to start it, Windows Sidebar still does not appear. Several things might have caused this to occur. For example, Windows Sidebar may have disappeared when you uninstalled a program.


Considering the following scenario:

  • On a Windows Vista-based computer, you modify the Settings.ini file to customize the Windows Sidebar. This file is located in the following folder:

    %ProgramFiles%\Windows Sidebar

  • You install hotfix 943411 or Windows Vista Service Pack 1 on the computer.

In this scenario, when you log on to the computer with a user account that has never logged on to the computer before, the Windows Sidebar customizations are lost.

Note: The Windows Sidebar customizations include the following settings:

  • Whether the Windows Sidebar should start when Windows Vista starts
  • Whether the Windows Sidebar should be visible on the desktop or should be displayed as a tray icon
  • Which gadgets should be displayed by default. These may include OEM gadgets


When you run a full-screen application, such as a game, the Windows Sidebar may flash or appear on top of the application or game briefly.


This article documents the Windows Sidebar Protection update that was made to the Windows Sidebar for Windows Vista. The update was made to allow for the Windows Sidebar to perform the following actions:

  • Generate unique identifiers for all gadgets that run in the Windows Sidebar
  • Receive a list of known vulnerable gadgets from Microsoft by using Windows Update
  • Stop a gadget from running in the Windows Sidebar if the gadget has been determined to be vulnerable
  • Stop a gadget from being installed if the gadget has been determined to be vulnerable

The list of known vulnerable gadgets is released by Microsoft on the Windows Update Web page in the Windows Sidebar Protection update. The update prevents vulnerable gadgets from being installed or from running if the gadget is already installed.


You use the System Preparation (Sysprep) tool and an Autounattend.xml file to add a custom gadget to the Windows Sidebar in Windows Vista. When you run the SFC.exe /scannow command or the SFC.exe /verifyonly command, you receive error messages in the CBS.log file.


UpdatesDescription: The update to improve Windows Sidebar Protection enables Windows Sidebar to help block gadgets from running in Sidebar. This update enables Windows Sidebar to help protect against future potential security vulnerabilities in gadgets.
While this update does not address any critical security vulnerabilities, the update does increase the reliability and resiliency of Windows Sidebar. Continue reading “KB943411”

ITsVISTA Web Links: December 14th, 2007