Vista Security Broken - Let Me Speak To Your ComputerBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
Automatically monitor network security event logs - Dld FREE trial!  Bookmark and Share 
Best Tips
You Must Increase Intern...
Windows Libraries Attack...
Safety Tips for Fighting...
3 Simple Facebook Securi...
Beware of AmericanGreeti...
Security, Enterprise, an...
Free Desktop Security T...
How To Do Safe Online Tr...
Top 5 Security Trends t...
Trend Micro Internet Sec...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Vuln: 'com_abbrev' Joomla! Component 'controller' Parameter Local File Include Vulnerability
2010/12/31 0:00:00
Vuln: Joomla! 'com_countries' Component 'locat' Parameter SQL Injection Vulnerability
2010/12/31 0:00:00
Vuln: Discuz! 'referer' Parameter Cross Site Scripting Vulnerability
2010/12/31 0:00:00
Vuln: Kayako eSupport 's_query' Parameter HTML Injection Vulnerability
2010/12/31 0:00:00
eBanking Notification - Lloyds TSB
2010/9/9 12:00:02
Our Partners
firewall download
Downloads
 0.TarcisSansUT Heavy PC
 1.Batch Fax to PDF
 2.Quick Batch File Compiler
 3.ChargeMeter - money meter & dialer prot...
 4.Wondershare Flash to PSP Converter
 5.PhotoOne Print
 6.Savannah Safari - Animated Screensaver
 7.MailTrack
 8.Avex DVD to iPhone Converter
 9.PhotoPackager
Windows Security : Vista Security Broken - Let Me Speak To Your Computer
Posted by Max on 2007/2/1 13:00:24 (1773 reads)
Windows Security

Microsoft is inspecting public reports of a probable vulnerability in Windows Vista’s speech recognition feature. Microsoft’s initial investigation discloses that this vulnerability could allow an attacker to use the speech recognition feature in Windows Vista to verbally execute commands on a user’s computer.

The attackers’ instructions are limited to the rights of the logged on user. User Account Control prohibits the attacker from executing any administrative level commands.


In order for an attack to be successful, the user would have to have a microphone and speakers connected to their system. In addition, the user would have had to configure the speech recognition feature. The attackers’ audio exploit (that’s a new!) would then issue verbal commands via the systems speakers that could potentially be carried out by the speech recognition feature.

Based on the initial investigation, Microsoft advises customers take the next actions to protect themselves from potential exploitation of the reported vulnerability:

A user can turn off their computer speakers and/or microphone.
If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition and restart their computer.



Other articles
2010/9/1 14:59:07 - New Acunetix Web Vulnerability Scanner 7 Released !
2010/8/26 4:31:23 - Latest Panda Security Survey
2010/8/25 17:11:47 - NEW August 2010 Symantec MessageLabs Intelligence Report
2010/8/25 17:04:12 - GFI VIPRE Antivirus Earns Gold Level OESIS OK Certification
2010/8/25 16:59:22 - NEW IBM X-Force H1 2010 Report On Global Security
2010/8/24 7:58:12 - Identity Finder Offers Free Identity Protection for College Students
2010/8/24 7:55:18 - ESET NOD32 Antivirus Confident on Southern Africa Security Market
2010/8/24 7:51:10 - Returnil Virtual System Receives Virus Bulletin's VB100 Award
2010/8/24 7:46:57 - SharperLending’s Appraisal Firewall Technology Keeps Appraisers Independent and Lenders Compliant
2010/8/19 11:01:51 - Avalanche Group Phishing Attacks Decrease in Q2 2010 in Favour of Malware Attacks

The comments are owned by the poster. We aren't responsible for their content.



 

NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Feb '09 | Mar '09 | Apr '09 | May '09 | Jun '09 | Jul '09 | Aug '09 | Sep '09 | Oct '09 | Nov '09 | Dec '09 | Jan '10 | Feb '10 
4000+ Security Software Downloads