Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Exploit of Vista Speech Control

Posted by kdawson on from the format-C-yes dept.

An anonymous reader writes "George Ou writes in his blog that he found a remote exploit for the new and shiny Vista Speech Control. Specifically, websites playing soundfiles can trigger arbitrary commands. Ou reports that Microsoft confirmed the bug and suggested as workarounds that either 'A user can turn off their computer speakers and/or microphone'; or, 'If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition, and restart their computer.' Well, who didn't see that coming?"

3 of 372 comments (clear)

  1. Oh no... by ifknot · · Score: 0, Troll

    I forsee an exponential rise in loud annoying web sites shouting commands :( A n other reason (if more were needed) not to vi$tarize

    --
    we are all cosmic nuclear waste
  2. Favorite exploit EVAR by idontgno · · Score: 0, Troll

    "My name is Leenus Torvalts and I pronounce Leenux 'echo wy pipe format c colon slash you'"

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  3. Way to go, Slashdot by eck011219 · · Score: 1, Troll

    Yet another batch of truly astounding BS about Vista topped by a misleading headline. This is not a Vista-specific defect, this is a characteristic of voice commands (but granted, a very valid reason why it's an unreliable way to try to run a computer under many circumstances).

    And more to the point, if I have a Mac with voice recognition software installed, is it somehow NOT prone to this?

    There are several things wrong with Vista, but this isn't one of them. Are we all so hungry for security-related dirt about Vista that THIS is what constitutes "news for nerds" or "stuff that matters"? Good gravy.

    --
    It is pitch black. You are likely to be eaten by a grue.