Computer, Initiate Self Destruct Sequence!

Feb 17, 2007 10:49 GMT

Symantec has decided to put the Windows Vista Speech Recognition vulnerability to the test. Via Speech Recognition, Vista users can dictate arbitrary text instead of using the keyboard and perform a selection of pre-defined tasks. Because Vista is designed to act on voice commands such as "delete," "press the escape key," "press Ctrl and A," etc., the remote possibility exists that the operating system could be subverted via malicious audio clips.

James O'Connor, Symantec Security Response Engineer, has tested Vista Speech Recognition, and you can see the result first hand in the video embedded at the bottom. The scenario Symantec has proposed involves a user surfing the Internet with Speech Recognition enabled. If the user ends up on a malicious website that plays a malicious audio clip in the background, Vista could, in theory, receive instructions through Speech Recognition.

"So is this feasible? We decided to test it out, by recording a short audio clip that deletes all the files in the 'Pictures' folder. I then added the clip to a Web page and proceeded to visit that page. Sure enough, as soon as I opened the page, the computer began executing the commands, and soon all the files were deleted from the 'Pictures' folder," explained O'Connor.

Symantec advised Vista users to switch off Speech Recognition while viewing the video. But for an "attack" to take place, several additional conditions must hold besides visiting the malicious site: Speech Recognition must be enabled, the speaker volume must be turned up, and the microphone must be positioned adequately. And last but not least, the user must be deaf or simply allow the voice "attack" to carry on.

"Also, Speech Recognition cannot be used to bypass UAC (User Account Control), so unless UAC is disabled, a malicious clip can't make any critical changes to the system. In the scheme of things, this is probably not the most severe security risk ever to grace our presence, but it is an interesting new vector of attack that few people would have considered previously," O'Connor added.