Following up a posting on a security mailing list, it has been confirmed by security experts that Microsoft's Windows Vista could contain system commands activated by audio files running on a Web site.

According to ZdNet IT blogger George Ou, there are basic commands that can delete users' files without the need of specifying a password.

Independent security professionals and Microsoft experts have both confirmed the issue, but they stressed the vulnerability has significant pre-conditions before anyone can exploit it.

"In order for an attack to be successful, the user would have to have a microphone and speakers connected to their system," the software giant stated in an advisory sent to SecurityFocus. "In addition, the user would have had to configure the speech recognition feature."

Microsoft noted that User Access Control feature, that has been introduced in Windows Vista, requires a password to do administrative tasks which extremely reduces any threat from voice commands.

More on that topic can be found at DailyDave security mailing list