The trouble started when I played a track called “Die, Computer, Die” by the Malwares

Well, that didn’t take long at all. The consumer version of Windows Vista has been available for what, 48 hours now, and we’ve already gotten our first confirmed exploit. It seems that Vista’s Speech Recognition feature (and I use that term loosely) can be used to verbally subvert the OS. “I recorded a sound file that would engage speech command on Vista, then engaged the start button, and then I asked for the command prompt,” ZDnet’s George Ou wrote. “When I played back the sound file with the speakers turned up loud, it actually engaged the speech command system and fired up the start menu. I had to try a few more times to get the audio recording quality high enough to get the exact commands I wanted but the shocking thing is that it worked!”

Alerted to the exploit, Microsoft’s security response team investigated it and confirmed that it does indeed work. But it’s not quite as dangerous a vulnerability as the buzz around it suggests. “It is not possible through the use of voice commands to get the system to perform privileged functions such as creating a user without being prompted by UAC for Administrator credentials,” the team explained. “The UAC prompt cannot be manipulated by voice commands by default. There are also additional barriers that would make an attack difficult, including speaker and microphone placement, microphone feedback, and the clarity of the dictation.” So clearly there are a number of mitigating factors here. That said, those of you currently running Vista might do well to disable speech recognition until Microsoft adjusts it to prevent unauthorized speech commands. God forbid we end up in a scenario like the one described by Dan Geer, VP and Chief Scientist at Verdasys: “I can see it now; all you need is one 0wned host every few feet and you can bark commands to all the others within earshot. First thing you tell them is to join in the sing-along. It would make a great movie scene — with maybe Richard Clarke looking over his shoulder down a corridor in the Pentagon and saying ‘Do you hear that?’ as a crescendo of ‘halt-and-catch-fire’ rises in the distance…”

  • LarsG

    “The most stringent protection of free speech would not protect a man falsely shouting format C: in a computer lab and causing a panic.”

    With apologies to Oliver Wendell Holmes, Jr.

  • DV Henkel-Wallace

    C’mon, this hardly counts as an exploit… and if it does, well, the Mac has had this “risk” for ages.