Jump to content

Huge Cortana exploit allowed an attacker to bypass Windows 10’s lock screen


Recommended Posts

Windows 10 users will likely be concerned to hear that Cortana had major vulnerabilities, which allowed a malicious party to potentially bypass the lock screen – or easily view sensitive information from it – although the good news is that Microsoft has just patched these issues.

McAfee uncovered and documented the security flaws in a lengthy blog post, with one simple issue being the fact that you could trigger the voice assistant from the lock screen (assuming Cortana is enabled in this respect, on default settings), and bring up a contextual Windows 10 menu simply by typing while Cortana is listening to a query.

And the details of files – and possibly file contents – revealed in that contextual menu could potentially leak sensitive information from the locked laptop.

Beyond that, the security firm found that it was possible to exploit Cortana in order to execute code on the PC from the lock screen, allowing an attacker to trigger a backdoor dropped from, say, a previously successful phishing email attack.

Moreover, McAfee further demonstrated an exploit of the digital assistant that allowed a payload to be locally executed from a USB stick, with the result that the attacker could change the login credentials for the notebook, and get full access to the machine. Highly worrying indeed.

Privilege patch

As mentioned at the outset, Microsoft fixed these issues with its freshly released patch for Windows 10 (out yesterday).

As Windows Latest reports, the company noted: “An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status. The security update addresses the vulnerability by ensuring Cortana considers status when [retrieving] information from input services.”

So, if you do have Cortana running on the lock screen of your PC, this is a pretty critical security patch to download. And if you haven’t patched yet – as might be the case with business machines, where deployment of patches can be a thornier issue – then obviously it might be a good move to banish Cortana from the lock screen for the time being.

McAfee further observes that it’s just scratching the surface of potential attack vectors that can be leveraged against digital assistants and via vocal commands, and that the firm intends to look much more deeply into finding vulnerabilities along these lines.

It’s obviously an important area to research, as we are inexorably heading towards a world in which AI virtual assistants are increasingly used to help you run many aspects of your devices and operating systems.

  • Some of the best laptops out there use Windows 10 and Cortana

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...

Important Information

By using this site, you agree to our Terms of Use.