Vista Security Broken - Let Me Speak To Your ComputerBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
GFI LANguard - New Version 9 Out Now - Dld 30-day trial!   Get A Free iPod   Bookmark and Share 
Best Tips
Online Threats to Kids G...
What is a credit freeze?
Microsoft Office Attacks
Database Software Attac...
Panda Internet Security ...
Web Applications Attacks
What is a fraud alert?
DIY Windows Security Che...
Foundstone Free Security...
How To Recognize and Avo...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Vuln: DotNetNuke User Account Security Bypass Vulnerability
2009/12/24 0:00:00
Troj/Agent-LSX
2009/11/7 19:22:16
Troj/Delf-FDY
2009/11/7 19:22:16
Troj/Inject-KS
2009/11/7 19:22:16
Troj/Banker-EUX
2009/11/7 15:40:03
Our Partners
Downloads
 0.Google Sitemap Maker (Master Resale Rig...
 1.SEO Godfather
 2.AimOne Video Converter
 3.RSS Channel Writer
 4.JavaScript Drop Down Menu Creator
 5.PROcessu SeaBattle PPC
 6.Notes Organizer Deluxe
 7.NoClone Upgrade to Enterprise v4
 8.Aplus DVD to Pocket PC Ripper
 9.Intertech DVD Ripper
Windows Security : Vista Security Broken - Let Me Speak To Your Computer
Posted by Max on 2007/2/1 13:00:24 (1373 reads)
Windows Security

Microsoft is inspecting public reports of a probable vulnerability in Windows Vista’s speech recognition feature. Microsoft’s initial investigation discloses that this vulnerability could allow an attacker to use the speech recognition feature in Windows Vista to verbally execute commands on a user’s computer.

The attackers’ instructions are limited to the rights of the logged on user. User Account Control prohibits the attacker from executing any administrative level commands.


In order for an attack to be successful, the user would have to have a microphone and speakers connected to their system. In addition, the user would have had to configure the speech recognition feature. The attackers’ audio exploit (that’s a new!) would then issue verbal commands via the systems speakers that could potentially be carried out by the speech recognition feature.

Based on the initial investigation, Microsoft advises customers take the next actions to protect themselves from potential exploitation of the reported vulnerability:

A user can turn off their computer speakers and/or microphone.
If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition and restart their computer.



Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.



 

NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Sep '08 | Oct '08 | Nov '08 | Dec '08  Jan '09 | Feb '09 | Mar '09 | Apr '09 | May '09 | Jun '09 | Jul '09 
4000+ Security Software Downloads