Vista's Speech Recognition (Hilarity Ensues)

So I was following this thread on the Daily Dave list for a couple days and it was just ridiculously funny. So Vista added speech recognition to allow commands to be spoken to control the computer. Good for them, only 14 years late to the Mac party. Anyway, when you think about it, it seems natural that you don't want to allow the computer to pick up noise from it's own speakers while it's trying to hear the human speaking commands. Well apparently it wasn't so obvious to the Vista developers. :) Therefore the vector of interest to us was the original thought of a website playing an audio file while Vista is running speech recognition. Of course the thread goes on to describe a funny scenario where the malware is spread by the computers shouting out to other computers in the area to go download and execute trojans. Of course having the computer not listen to itself wouldn't protect from that attack, so people suggested things like having you speak a custom user-defined phrase before commands and so on the thread went. All in all, good times.

There's a MSRC security blog acknowledgment of the issue, but it's sandwiched in between the middle of the mitigating factors and a description of how great this new feature is. :)

Unfortunately there is no CVE for this issue at this time. :P