Check out Michael Howard's and Dave Ross' nice article on how to write a more secure gadget at http://msdn2.microsoft.com/en-us/library/bb498012.aspx.