Cortana can be used to hack Windows 10 PCs

Cortana might be super helpful at keeping track of your shopping lists, but it turns out it's not so great at keeping your PC secure. Researchers from McAfee have discovered that by activating Cortana on a locked Windows 10 machine, you can trick it into opening up a contextual menu which can then be used for code execution. This could deploy malicious software, or even reset a Windows account password.

The vulnerability stems from Cortana's ability to listen for commands even while the PC is locked, combined with regular indexing that makes files accessible in the search function that Cortana uses. Even though potential hackers would need physical access to your PC to do any damage, this could feasibly take place in an office or shared environment. Microsoft dealt with the issue in yesterday's "Patch Tuesday" update, but many machines won't have that yet, so McAfee suggests turning off Cortana on the lock screen to prevent any attacks.

Via: The Verge

Source: McAfee



via Engadget RSS Feed https://ift.tt/2sUN9o2
RSS Feed

If New feed item from http://www.engadget.com/rss-full.xml, then send me

IFTTT

Comments

Popular posts from this blog

Evernote cuts staff as user growth stalls

The best air conditioner

We won't see a 'universal' vape oil cartridge anytime soon