Microsoft urged Windows Vista users to download a new security tool that automatically disables suspicious or malicious “gadgets”, small applications that can display date, time or RSS feeds. Since gadgets are written in HTML and various scripts they can be dangerous or malicious. Windows Sidebar Protection, just 1MB large, prevent a malicious gadgets from installing, and if it’s installed, to block the gadget. Windows Sidebar Protection can be downloaded from Windows Update site. This update is optional, but depending on what settings have been selected in Automatic Updates, it may be downloaded and installed without any additional user interaction.

Every three months Oracle release security patches for flaws in its software products. Next Tuesday Oracle will release first Critical Patch Update for 2008 containing 7 security fixes, some of which will affect several products. This fixes are low by Oracle’s standards. Last October the company patched 51 vulnerabilities and none of the database vulnerabilities can be exploited over a network without the attacker first obtaining a username and password for the database. Software included in those fixes are E-Business Suite, Oracle Application Server, PeopleSoft and JD Edwards products and Oracle Enterprise Manager and the Oracle Collaboration Suite.

After small number of customer reports Microsoft admitted that is send wrong Vista patch to the wrong users. The update was one of three prerequisites for SP1 unveiled Tuesday and was supposed to go up only on Vista Enterprise and Vista Ultimate machines, since it targeted BitLocker, the full-drive encryption technology bundled with those premium versions of the operating system. Instead, the update was also offered to PCs running Vista Home Basic and Home Premium. As company representatives states customers who installed the initial release of the update on editions other than Ultimate or Enterprise should not be concerned as the update will have no negative impact on their systems.