Vista Security Broken - Let Me Speak To Your ComputerBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
Internet security & monitoring for networks - Dld trial!  Bookmark and Share 
Best Tips
Use Common Sense To Keep...
Instant Messaging Attack...
How To Prevent Corrupted...
Beware Of Facebook Host...
How To Setup Nintendo Wi...
Read How To Protect Agai...
Top 5 Windows Mobile Ant...
Laptop Security Cheatshe...
5 Security Threats You M...
Tax Preparers Exposing S...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Vuln: 'com_abbrev' Joomla! Component 'controller' Parameter Local File Include Vulnerability
2010/12/31 0:00:00
Vuln: Joomla! 'com_countries' Component 'locat' Parameter SQL Injection Vulnerability
2010/12/31 0:00:00
Vuln: Discuz! 'referer' Parameter Cross Site Scripting Vulnerability
2010/12/31 0:00:00
Vuln: Kayako eSupport 's_query' Parameter HTML Injection Vulnerability
2010/12/31 0:00:00
Troj/Dldr-DH
2010/3/21 12:05:59
Our Partners
Downloads
 0.TarcisSansUT Heavy PC
 1.Batch Fax to PDF
 2.Quick Batch File Compiler
 3.ChargeMeter - money meter & dialer prot...
 4.Wondershare Flash to PSP Converter
 5.PhotoOne Print
 6.Savannah Safari - Animated Screensaver
 7.MailTrack
 8.Avex DVD to iPhone Converter
 9.PhotoPackager
Windows Security : Vista Security Broken - Let Me Speak To Your Computer
Posted by Max on 2007/2/1 13:00:24 (1481 reads)
Windows Security

Microsoft is inspecting public reports of a probable vulnerability in Windows Vista’s speech recognition feature. Microsoft’s initial investigation discloses that this vulnerability could allow an attacker to use the speech recognition feature in Windows Vista to verbally execute commands on a user’s computer.

The attackers’ instructions are limited to the rights of the logged on user. User Account Control prohibits the attacker from executing any administrative level commands.


In order for an attack to be successful, the user would have to have a microphone and speakers connected to their system. In addition, the user would have had to configure the speech recognition feature. The attackers’ audio exploit (that’s a new!) would then issue verbal commands via the systems speakers that could potentially be carried out by the speech recognition feature.

Based on the initial investigation, Microsoft advises customers take the next actions to protect themselves from potential exploitation of the reported vulnerability:

A user can turn off their computer speakers and/or microphone.
If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition and restart their computer.



Other articles
2010/3/18 8:07:31 - Panda Cloud Antivirus Receives ICSA Labs' First Cloud-Based Certification
2010/3/17 15:49:34 - Open-Source Email Security Taken To The Next Level at WebhostingDay
2010/3/17 15:18:40 - McAfee Warns ABout Scareware or Fake Antivirus Software
2010/3/2 5:22:13 - VeriSign and AVG Will Integrate VeriSign Trust(TM) Seal Within AVG LinkScanner(R)
2010/3/1 7:36:12 - New Stealth Software Protects P2P Users From Lawsuits by Copyright Holders
2010/2/24 13:55:16 - New State of The Art Firewall By Palo Alto Networks
2010/2/24 13:50:26 - Beware of Fake Antimalware Programs Like PCsProtector
2010/2/24 13:38:02 - New Registry Cleaner Guide Helps Your PC Perform Faster
2010/2/3 7:32:43 - PC Login Now (Full version) Available Now For Free.
2010/2/3 7:11:57 - Mitto Named One of 20 Top Web Applications

The comments are owned by the poster. We aren't responsible for their content.



 

NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Feb '09 | Mar '09 | Apr '09 | May '09 | Jun '09 | Jul '09 | Aug '09 | Sep '09 | Oct '09 | Nov '09 | Dec '09 | Jan '10 | Feb '10 
4000+ Security Software Downloads