Vista Exploit Can Delete Your Files

From the Steve-Jobs-is-having-a-field-day-with-this department, Microsoft has confirmed a hole in Windows Vista's speech recognition capability that allows a malicious site or email attachment to delete files remotely. But I would actually classify this hole as nothing to be concerned about. For your Vista PC to be in any danger you must have speech recognition activated, along with your microphone on and your speakers set at a decent volume.

There's nothing high-tech about this exploit - if you open an mp3 attachment or go to someone's MySpace page that has one of those audio widgets, the audio could just tell your computer to delete things.

"The exploit scenario would involve the speech recognition feature picking up commands through the microphone such as 'copy', 'delete', 'shutdown', etc. and acting on them," a Microsoft security researcher wrote on the team's official blog.

Some Vista users have already tested the exploit and were able to delete files and empty the trash can so that the documents were not retrievable.



Okay, back to being serious; if you rely on Vista's speech recognition capability you'll be safe if you keep User Account Control enabled. By default, speech recognition cannot respond to UAC prompts. In the meantime I await the Mac TV ad where the Mac tells the PC to format itself, and it does.