Vista Security Broken - Let Me Speak To Your ComputerBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
GFI LANguard - New Version 9 Out Now - Dld 30-day trial!   $100 Free Sweep   Bookmark and Share 
Best Tips
How to File Your Tax Sec...
5 Good Security Habits
How To Use BCC Email Fie...
What is a Firewall ?
How To Setup LimeWire Fi...
F-Secure Internet Securi...
How to fight cyberbullyi...
Windows Vista Fails to H...
More Online Shopping Se...
Travel Tips to Safeguard...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Vuln: DotNetNuke User Account Security Bypass Vulnerability
2009/12/24 0:00:00
Troj/Bckdr-QWK
2009/7/3 22:52:05
Troj/Bckdr-QWL
2009/7/3 22:52:05
Waledac July Campaign
2009/7/3 21:32:02
Mal/WaledPak-G
2009/7/3 17:46:40
Our Partners
Downloads
 0.CryptoHeaven
 1.EZ AVI To WMV Converter
 2.Movavi Video Converter - Duo-License
 3.VirginiaCondensedUT RegularItalic Mac
 4.Web Replay
 5.Super Cubes
 6.Label Spirit 2008 Professional (3-User ...
 7.Quizland PocketPC
 8.Sea Sunset - Animated Wallpaper
 9.LingvoSoft Dictionary English <->...
Windows Security : Vista Security Broken - Let Me Speak To Your Computer
Posted by Max on 2007/2/1 13:00:24 (1258 reads)
Windows Security

Microsoft is inspecting public reports of a probable vulnerability in Windows Vista’s speech recognition feature. Microsoft’s initial investigation discloses that this vulnerability could allow an attacker to use the speech recognition feature in Windows Vista to verbally execute commands on a user’s computer.

The attackers’ instructions are limited to the rights of the logged on user. User Account Control prohibits the attacker from executing any administrative level commands.


In order for an attack to be successful, the user would have to have a microphone and speakers connected to their system. In addition, the user would have had to configure the speech recognition feature. The attackers’ audio exploit (that’s a new!) would then issue verbal commands via the systems speakers that could potentially be carried out by the speech recognition feature.

Based on the initial investigation, Microsoft advises customers take the next actions to protect themselves from potential exploitation of the reported vulnerability:

A user can turn off their computer speakers and/or microphone.
If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition and restart their computer.



Other articles
2009/7/1 13:22:13 - Ultimate Firewall : Location Aware WLAN Firewall by Trapeze Networks
2009/6/28 16:04:09 - New Panda 2010 Ultra-Ligh Security Products
2009/6/24 17:08:30 - Red Condor's Spam Trip Wire Detects a New Computer Virus
2009/6/22 4:32:25 - Finjan's Research Unveils Botnet Trading Platform for Hacked PCs
2009/6/22 4:23:14 - Panda GateDefender Integra Delivers 'Plug and Protect' UTM Security Appliance
2009/6/16 15:42:26 - SanDisk Cruzer Enterprise Wins 2009 Product Innovation Award
2009/6/9 9:02:20 - Weekly $100 Sweepstake Launched By BestSecurityTips.com
2009/6/8 11:29:49 - Paretologic Released a New Free Online Malware Scan
2009/6/8 11:13:17 - New Release of Djigzo Open Source Email Encryption Gateway
2009/5/31 17:27:39 - New BitDefender Online Scanner Released

The comments are owned by the poster. We aren't responsible for their content.



 

NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Jun '08 | Jul '08 | Aug '08 | Sep '08 | Oct '08 | Nov '08 | Dec '08  Jan '09 | Feb '09 | Mar '09 | Apr '09 
4000+ Security Software Downloads