Staying on the Microsoft theme, MSDN have published guidelines for sidebar gadget developers in order to avoid Cross Site Scripting (XSS) vulnerabilities. As gadgets are built from HTML, JavaScript, and potentially ActiveX controls, they are a prime candidate for XSS vulnerabilities. Bare this in mind before installing the latest gadget you have found on the Internet.
