Cortana used to bypass Windows 10 security

James Delahunty
14 Jun 2018 8:14

Microsoft has pushed out a fix for a flaw with the Cortana assistant that could be exploited to unlock a Windows 10 computer.
McAfee reported the flaw to Microsoft back in April, and Microsoft has included an update to address the issue in this month's Patch Tuesday load of fixes and tweaks. Windows 10 devices on default settings will apply the update over the next day or so.

The flaw took advantage of the fact that Cortana listens for commands even when a Windows 10 PC is locked, coupled with the regular indexing of files on attached storage to make searching faster.
"This will come as a surprise and lies at the core of all the issues we found, but simply typing while Cortana starts to listen to a query on a locked device will bring up a Windows contextual menu," Cedric Cochin and Steve Povolny wrote on a McAfee blog post detailing a potential attack.

With a contextual menu displayed and search results coming from indexed files and applications (and in cases the contents of the file are indexed), a malicious actor could see sensitive contents of text files and other documents that has been indexed.

The McAfee team went further though and even detail a path to a password reset and login in a blog post here.

More from us
Tags
Cortana McAfee Windows 10
We use cookies to improve our service.