Researchers Find That Cortana Can Be Used To Hack Windows 10 PCs

Windows 10 update

Windows 10 update

However, McAfee experts were also able to summon the window that houses Cortana on the desktop interface simply by typing with any key while Cortana is listening to a query.

Windows 10 users will likely be concerned to hear that Cortana had major vulnerabilities, which allowed a malicious party to potentially bypass the lock screen - or easily view sensitive information from it - although the good news is that Microsoft has just patched these issues.

The June security patch also resolves a privilege escalation vulnerability which affects the Cortana voice assistant.

Hackers could exploit the vulnerability to gain access to a locked computer.

This was possible because of the almost-constant indexing performed by Cortana in the background of Windows 10.

A demo from McAfee researcher Cedric Cochin demonstrated a password reset using this technique and a USB through which he executed a PS1 payload.

To solve this problem, Microsoft has developed a security patch that fixes this and other vulnerabilities detected by different cybersecurity firms.

Even if you haven't installed the latest patch, you can protect your computer by manually disabling the voice assistant from the computer's lock screen.

Kellogg Recalls Honey Smacks Cereal on Salmonella Concerns
The CDC said epidemiologic evidence indicates that Kellogg's Honey Smacks cereal is a likely source of this multi-state outbreak. Recalled boxes have a universal product code (UPC) of 38000 39103 (15.3 oz packets) and 38000 14810 (23 oz packets).

This could leave a vast number of users still vulnerable to the attack worldwide.

McAfee said in a written statement.

Considering Windows 10 was designed specifically to let you run apps across a range of devices including PCs, tablets, phones and even the Xbox One, it's still not entirely clear what the death of Windows 10 Mobile means for the future of the operating system.

A pair of independent Israeli security researchers unearthed a flaw back in March which could be used to infect a computer with a virus.

It is created to help users accomplish various tasks, although it also seems to suffer from a bug that could allow hackers to actually use Cortana to hack the Windows 10 PC that it is installed on.

The malicious network adapter can then intercept the web sessions to send the device to a malicious website, where malware can be downloaded to the machine.

The final critical flaw for enterprises to prioritize was CVE-2018-8267, a scripting engine memory corruption vulnerability in Internet Explorer.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.