Cortana Flaw Allows Bypassing Windows 10 Lock Screen
NEWS

Cortana Flaw Allows Bypassing Windows 10 Lock Screen

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by Cortana and other threats.
Threats such as Cortana may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

Researchers have shown a simple method which could turn out to be a physical type of security risk for victims, using Cortana.




Just like Siri, Cortana is enabled by default on all Windows 10 devices and the assistant works even during the lock screen being active. So this basically means that even if you have not logged in Windows, you can use Cortana to ask questions whether by voice or by typing them. To browse and find answers for your questions, Cortana reportedly uses Microsoft Edge Browser and Internet Explorer 11.

Researchers at McAfee have performed a test to see how an attacker could potentially abuse this fact only to realize that they were able t exploit the virutal asistant to gain control over the device.

How Can Cortana be Abused

McAfee have researched thoroughly how a hacker could effectively compromise Cortana in order to gain control of data on the machine and hence run malicious code on the victim PC which may even change your login password. Depending on how you do it, Cortana can respond with more actions, like display search results or web links that lead to different types of trusted websites. If there is an official site that can answer your question, cortana may show you results from it. The bad news here is that Cortana may also show results listed on Wikipedia. Since Wikipedia can be edited by anyone, some specific attackers can use it to answer a very specific Wikipeida question and add a web link which Cortana will assume is trusted.

Researchers Cedric Cochin and Steve Povolni had the following comment on their report:

It is surprising that links are offered and clickable when the device is locked. If you start your favorite network sniffer or man-in-the-middle proxy, you will see that the links are visited as soon as the user clicks on them, irrespective of the device’s locked status.

This means we can force navigation to a website (though not yet the one we want) when the device is locked. However, we have seen that Cortana can be picky in how she offers results. Bing must already know these results, and most links are known trusted sites.

This type of abusing can lead to different types of unsafe accounts, the main idea behind which may be to infect the computer with different malware, that may damage or unlock it.

Being easy to say than do, Wikipedia is very good at checking it’s web links, but attackers can use web pages, whose domains have already expired to purchase the domain name and use the URL to lead to a malicious site.

Once this domain is taken over, the URLs that may lead to Wikipedia may contain an exploit which can trigger infections of all types. McAfee researchers have detected those free URLs with no content to be from a very high number, since Wikipedia has a lot of content.




Contana Even Allows Web Browsing

In addition to this, researchers have also established that Crotana can also be misguided into allowing the user to direclty browse the internet by using specific Cortana skills and commands that allow link hopping and this can even result in gaining access to social media sites and other third-party services and places on the web.

The digital assistant of Microsoft can also be used to even log in to social media sites, from the likes of Facebook, Twitter and other sites and among their reccomendations is to avoid using Edge and Internet Explorer for Facebook login.

This is not the first scandal revolving around Cortana as researchers have reported the assistant to collect a lot of sensitive information:

Related: Cortana Is Not Your Friend but Your Enemy, and Here’s Why

The good news is that these attack methods are not likely to become massive or popular, but they are not to be disregarded, primarily because of the fact that with careful trickery, this vulnerability could be used to spread massive malware, like worms or other forms of viruses as long as hackers have physical access.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Web Browsing Secure And Privacy Service
Special Offer
What Is a VPN and How Does It Work?

VPN is a service that keeps your web browsing secure and private.
Stop mass surveillance and browse freely by using a VPN. Keep your data encrypted, your IP hidden and your location changed!

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Secure Service for Private Browsing
Special Offer
What Is a VPN and How Does It Work?

VPN is a service that keeps your web browsing secure and private.
Stop mass surveillance and browse freely by using a VPN. Keep your data encrypted, your IP hidden and your location changed!

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...