Tuesday, January 30, 2007

Words can be dangerous...


I saw this post on dailydave today and laughed to myself. I thought with all the effort MS had put into the security of Vista something this obvious would not work. George Ou actually tried it and surprise, surprise it works. Sometimes you can’t see the trees for the forest (I did change this saying to fit this situation).

The amount of damage that can be done with this is uncertain, but I would wager its not high. It’s a pretty nifty hack though.

UPDATE: I am getting reports from more 3rd parties that this works. There are some things to keep in mind. The speech rec can be disabled and right now the worst affect of this can be pretty much the same effect of malicious javascript: sending web browsers to random pages. There is testing underway to see what other bay things can be done.

UPDATE 2:http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx

No comments: