[Dailydave] Vista speach recognition
George Ou
george_ou at lanarchitect.net
Wed Jan 31 06:08:33 EST 2007
I just verified that TinyURL.com will give you a nice URL to an executable.
Here's an example of a URL that opens a .EXE file.
http://tinyurl.com/3d588b
Now imagine that this was actually a user-mode malicious payload that avoids
triggering UAC which contains ransomware. It's very easy to use Vista
speech command open IE7 and say "tinyURL.com/3d588b", "enter", "run". That
will actually download and launch your desired payload from any website and
TinyURL will make it easy to say. This is actually easier than my
successful document-deleting recycle bin emptying test because it's a
shorter script.
George
More information about the Dailydave
mailing list