Vista Speech Command, a possible exploit

February 4, 2007 1:51 pm

Days after Vista was launched, some users had been discussing a possible exploit of the Speech Command feature. Speech Command is one of Vista's new features. It allows the user to speak through the microphone, and the OS will execute the command given, provided the voice command is a valid command.

The exploit is not due to a bug in the Speech Recognition system, but rather to the design of the system. It works by sending a victim a malicious audio file that contains voice commands and then tricking the victim into playing it. When the file is played through the speakers, Speech Command picks up the commands through the microphone and executes them. For example, suppose the victim receives an audio file that has “shutdown” recorded in it. The victim unknowingly plays the audio file, and Speech Command picks it up and executes the “shutdown” command.

However, for this exploit to work, Speech Command must be enabled and the malicious audio file has to be played. Fortunately, Speech Command is disabled by default.

