Unless you are hiding in your basement fearing the Vista twister, you would have heard/read/seen about the Vista Speech Recognition remote execution flaw. There are various takes on it, some escalating it, some playing it down. The Mac enthusiasts are having a field day. However, what really nails it down is Mark’s sarcastic, but important input.
Microsoft finally adds speech recognition to Windows, but they skip the part about preventing the output from the speakers from being treated as input to the microphone (you know, like phones have done for 100 years).
I think even if the exploit scenario might seem fabricated, this fundamental flaw can help in allowing an attack targeted at an organization. One cannot rely on the assumption that the scenario is difficult, especially with quality of the peripherals increasing everyday. I think it is a flaw, and a critical one. Good thing is that Microsoft has acknowledged it and hopefully they will eliminate it soon. For some this can be a reason to not install Vista. I am still looking for one to install it.
