Windows 10 News and info | Forum
June 19, 2018, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Researchers find Cortana can be used to hack your PC  (Read 45 times)
javajolt
Administrator
Hero Member
*****
Online Online

Gender: Male
United States United States

Posts: 28506


I Do Windows


WWW Email
« on: March 07, 2018, 02:36:15 PM »
ReplyReply

Researchers have discovered that they are able to use the convenience Cortana offers as an easy way to penetrate the security of your PC, even when locked.

Independent security researchers Tal Be’ery and Amichai Shulman found that the Above Lock screen Cortana would navigate to websites even when your PC was locked and was thereby able to direct PCs to visit malware-infested websites and infect PCs without unlocking your machine.

To make this easier they attached a USB network adapter to the PC which redirected the PC from regular websites such as CNN.com to their own malicious version.

They note that this could be the jumping off point for infecting other PCs on a network, as a single infected PC may (audible) start talking to other PCs on a network and use the same trick to infect them, rerouting their network via a technique called ARP poisoning.

The hack does require hackers to be in physical proximity to the PC, and of course, once you have physical possession of a PC in most cases the security game is over.

The hackers have informed Microsoft of the vulnerability, who have subsequently changed Cortana to direct all website visit requests to Bing first as a security check. The researchers are however continuing to explore the voice command space, as it is likely there are other ways to use the new user interface to gain access to a PC in unforeseen ways.

“We still have this bad habit of introducing new interfaces into machines without fully analyzing the security implications of it,” says Be’ery. “Every new machine interface that we introduce creates new types of vehicles to carry an attack vector into your computer.”

The researchers will be presenting their findings at the Kaspersky Analyst Security Summit in Cancun this week.

Read more about the hack at Motherboard here.

source
Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page March 22, 2018, 10:49:28 PM