Windows Vista vulnerable to speech recognition attack
Last Updated: Friday, February 2, 2007 | 12:50 PM ET
CBC News
Related
Internal Links
External Links
- Sebastian Krahmer blog post
- George Ou blog post
- Adrian Stone's Microsoft Security Response Center blog post
(Note: CBC does not endorse and is not responsible for the content of external sites - links will open in new window)
Microsoft Corp. is playing down reports that it is possible for an attacker to use the speech recognition function of its new Windows Vista operating system to execute commands on a personal computer.
The world's largest software maker has been touting stronger security features in the new OS. Consumer versions were launched on Jan. 30.
"While we are taking the reports seriously and investigating them accordingly, I am confident in saying that there is little, if any, need to worry about the effects of this issue on your new Windows Vista installation," Microsoft security response centre researcher Adrian Stone wrote in a post to the group's blog Wednesday.
In order for the attack to work, a potential victim would need to have the speech recognition feature activated, speakers and microphone turned on and be tricked into opening a file that plays audio commands or lured to a specially crafted web page that automatically plays an audio file when it loads.
"Of course, this would be heard and the actions taken would be visible to the user if they were in front of the PC during the attempted exploitation," Stone wrote, noting that it is not possible to use the vulnerability to perform "privileged functions" such as creating a user.
The vulnerability affects computers running Vista and not older versions of Windows, Stone wrote, because the new operating system's speech recognition features were designed to be more extensive and easier to use to help people with impaired or lower dexterity.
Sebastian Krahmer suggested the possibility of the vulnerability on his software blog C Skills, and it was subsequently tested and reported by ZDNet technology writer George Ou on his Real World IT blog.
Share Tools
Top News Headlines
- Canadian Pacific strikers face back-to-work legislation
- Labour Minister Lisa Raitt is prepared to end the Canadian Pacific Railway strike if necessary, after both CP and the union rejected a proposal for voluntary arbitration by the government-appointed negotiator on Sunday. Raitt says she is "extremely disappointed." more »
- Syrian regime denies role in Houla massacre
- The UN Security Council condemned the Syrian regime at an emergency meeting Sunday, holding president Bashar al-Assad's military responsible for the massacre of more than 100 people, dozens of whom were children younger than 10 years old. more »
- Ryder Hesjedal wins prestigious Giro d'Italia
- Victoria, B.C., native Ryder Hesjedal has become the first Canadian to win one of the cycling world's three Grand Tour events, wrapping up the 2012 Giro d'Italia with an excellent performance in the final stage in Milan. more »
- Neighbour may have helped find missing kids in Mexico
- Two Winnipeg children who had been missing for nearly four years were found in Mexico after a man raised concerns about his neighbour, according to a private investigator. more »
Latest Business Headlines
- Bankia asks Spain for €19B
- The board of directors of Spain's troubled bank, Bankia, has asked the Spanish government for €19 billion ($24.5 billion Cdn) in financial support. more »
- EI reforms aim to boost employment, Flaherty says
- Finance Minister Jim Flaherty defended his government's proposals to change employment insurance, saying the aim is to remove "disincentives to employment." more »
- Employment Insurance review boards to be scrapped
- The federal government is scrapping two review boards used by people appealing decisions made about their employment insurance. more »
- Ottawa moves to limit foreign investment reviews
- The federal government is raising to $1 billion the amount of foreign money that can go into a Canadian company before the investment is reviewed. The review has been used in the past to block foreign takeovers of MDA and Potash Corp. more »
Lang & O'Leary Exchange
Markets
| Index | Last Trade | Change |
|---|---|---|
| TSX COMPOSITE | 11576.47 | 10.4 |
| DOW | 12454.83 | -74.92 |
| NASDAQ | 2837.53 | -1.85 |
| SP 500 | 1317.82 | -2.86 |
| NYSE COMPOSITE | 7534.32 | -18.01 |
| AMEX | 2227.37 | 1.45 |
| TSX-VENTURE | 1309.27 | 26.8 |
The data on this site is informational only and may be delayed; it is not intended as trading or investment advice and you should not rely on it as such.
Business Features
- Accused in blast that killed Alberta mom handled her funds
- Remains found in bag on Cape Breton river ID'd
- Neighbour may have helped find missing kids in Mexico
- Quebec students, government to resume talks
- Syrian regime denies role in Houla massacre
- Lip-dub marriage proposal an internet hit
- Canadian Pacific strikers face back-to-work legislation
- B.C. NDP calls for unity in fighting coast guard closure
- Calgary Marathon winner breaks 21-year-old record
