Microsoft discontinued Windows sidebar gadgets because they posed a serious security risk it couldn't patch without disabling the gadgets altogether. By exploiting the security vulnerabilities, attackers could gain access to private files and cause harm to the computer by messing up system files. These vulnerabilities affected multiple Windows versions, ranging from Windows Vista Service Pack 2 to Windows 7 Service Pack 1, including both 32- and 64-bit versions.
When users ran a gadget in Windows Sidebar, attackers exploited the security hole and ran arbitrary code as if they were users themselves. This was particularly problematic because attackers could gain administrative privileges if the original users logged in as administrators beforehand. After breaching the security, attackers created malicious gadgets, tricked users into installing them, and ran code that took full control over the system.
To deal with this problem, Microsoft released an automated solution, which users can download from the Support section on Microsoft.com. Microsoft also allows users to apply workaround solutions by modifying the Windows Sidebar settings via the Local Group Policy Editor window or by modifying the registry to disable the Windows Sidebar by force. Starting with Windows 8, Microsoft replaced the sidebar gadgets with apps, promising improved functionality and better security, as well as app versions of popular gadgets.