Microsoft admits to Vista voice recognition flaw
Not 2 days after Microsoft's Vista operating system has been released, and already holes are appearing.
The latest gaffe is that Vista can respond to voice command to possibly irretrievably delete files by its own vocal command.
This could happen if malicious audio is posted on websites, or opened in an email attachment.
The company responded on its Security Response Center Blog that the problem could only arise if the user has configured the speech recognition feature, and if the speakers and microphone and are turned on.
Adrian, the Microsoft employee who posted to the blog, wrote, “It is not possible through the use of voice commands to get the system to perform privileged functions such as creating a user without being prompted by UAC for Administrator credentials”.
If someone did attempt an attack using the feature, the dictation on the audio file would also have to be exceptionally clear.