Ask Cortana!!

Cortana is an artificial intelligence-based smart assistant that Microsoft built into every version of Windows 10. Cortana is essentially Microsoft’s answer to Apple’s Siri, Amazon’s Alexa, and the Google Now assistants that ship with many new products. You can use Cortana to search your PC, find information via the web, and handle basic tasks like checking the weather.


A major vulnerability has been discovered in Cortana that could allow hackers to break into a locked Windows 10 system and execute malicious commands with the user’s privileges. The impact is worse if the user has elevated privileges on the system. It was found by McAfee security researchers, who discovered earlier this year that Cortana could be summoned from the lock screen to execute malicious software. A potential attacker would need physical access to the PC, and McAfee details methods to get the digital assistant to index files from a USB drive and execute them.

WHAT IS IT EXACTLY?

This vulnerability is tracked as CVE-2018-8140 [1]. Attribution for the vulnerability submission goes to Cedric Cochin, Cyber Security Architect and Senior Principal Engineer. Microsoft has flagged this vulnerability as important and has already released a patch for it. Exploitation requires an attacker to have physical or console access to the targeted system, and the targeted system must also have Cortana enabled.

HOW TO EXPLOIT IT?


McAfee uncovered and documented the security flaws in a lengthy blog post [2]. One simple issue is that you could trigger the voice assistant from the lock screen and bring up a contextual Windows 10 menu simply by typing while Cortana is listening to a query. The file details and file contents revealed in that contextual menu could leak sensitive information from the locked laptop.

Check out this video to see how simply it can be exploited. 😉

Using Cortana Smart Assistant to Hack Windows Password

HOW TO PREVENT IT?

As mentioned earlier, Microsoft fixed these issues with its freshly released patch for Windows 10. The security update addresses the vulnerability by ensuring Cortana considers status when retrieving information from input services. The patch that fixes this vulnerability should have been automatically installed on your Windows 10 device. If you want to make sure it was downloaded, you can check by going to the Windows Update section of the Update & Security page in the default Settings app.

If you still haven’t updated, McAfee recommends disabling Cortana on the lock screen in order to prevent this kind of attack.
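One way to audit and apply that mitigation from PowerShell is sketched below. This is an added example, not code from McAfee or Microsoft. It assumes the "Allow Cortana above lock screen" policy value (AllowCortanaAboveLock) and the per-user lock screen toggle (VoiceActivationEnableAboveLockscreen); the -HotFixId parameter is a hypothetical name, and the KB number for your build has to come from the advisory [1] because this page does not list one.

```powershell
# Added example: report whether Cortana can be used above the lock screen,
# optionally enforce the policy that disables it, and check for a given hotfix.
# Use -Enforce from an elevated prompt (it writes under HKLM).
param(
    [switch]$Enforce,          # write the policy value instead of only reporting
    [string]$HotFixId = ''     # e.g. the KB for your build from the advisory; empty = skip
)

$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$userKey   = 'HKCU:\SOFTWARE\Microsoft\Speech_OneCore\Preferences'

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or the value does not exist.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

if ($Enforce) {
    # Create the key only if it is missing: New-Item -Force on an existing
    # registry key would wipe the other policy values stored in it.
    if (-not (Test-Path $policyKey)) { New-Item -Path $policyKey -Force | Out-Null }
    New-ItemProperty -Path $policyKey -Name 'AllowCortanaAboveLock' `
        -PropertyType DWord -Value 0 -Force | Out-Null
}

$policy = Get-RegValue $policyKey 'AllowCortanaAboveLock'
$user   = Get-RegValue $userKey   'VoiceActivationEnableAboveLockscreen'

# The machine policy wins over the per-user toggle when it is configured.
$state = if     ($policy -eq 0) { 'Disabled by policy' }
         elseif ($policy -eq 1) { 'Enabled by policy' }
         elseif ($user   -eq 0) { 'Disabled by user setting (not enforced)' }
         else                   { 'Allowed (no policy configured)' }

$patch = if ($HotFixId) {
    [bool](Get-HotFix -Id $HotFixId -ErrorAction SilentlyContinue)
} else {
    'Not checked'
}

[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    CortanaAboveLock = $state
    PatchInstalled   = $patch
}
```

A result of "Disabled by user setting (not enforced)" means the user can switch the feature back on in Settings, so unpatched machines are better covered with -Enforce.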

REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2018-8140

[2] Want to Break Into a Locked Windows 10 Device? Ask Cortana (CVE-2018-8140)

[3] https://thehackernews.com/2018/06/cortana-hack-windows-password.html

 
