This month’s Patch Tuesday for Windows 10 came with an important security update for Cortana, Microsoft’s digital assistant that is built into the OS. Indeed, Microsoft patched a “Cortana Elevation of Privilege Vulnerability” that has been discovered by the McAfee Labs Advanced Threat Research team, which allowed hackers to get access to a Windows 10 PC by using Cortana on the lock screen.
“In Windows 10, on the most recent build at the time of submission, we observed that the default settings enable “Hey Cortana” from the lock screen, allowing anyone to interact with the voice-based assistant. This led to some interesting behavior and ultimately vulnerabilities allowing arbitrary code execution,” explained the security researchers at McAfee yesterday.
The report details three different vectors of attack, the first one being an information leak leveraging Windows indexing and the “Hey Cortana” voice command. The researchers also explained different techniques that an attacker having physical access to a Windows 10 PC could use to execute code from the lock screen, including a full password reset.
McAfee encourages Windows 10 users to install this month’s security update as soon as possible, though turning off Cortana on the lock screen is also a good mitigation. “The attack surface created by vocal commands and personal digital assistants requires much more investigation; we are just scratching the surface of the amount of research that should be conducted in this critical area,” the researchers said.
