Windows 10 News and info | Forum
March 20, 2018, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances.
  Website   Home   Windows 8 Website Windows 8 Forum Help Login Register  
Pages: [1]
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Researchers find Cortana can be used to hack your PC  (Read 5 times)
Hero Member
Online Online

Gender: Male
United States United States

Posts: 28063

I Do Windows

WWW Email
« on: March 07, 2018, 02:36:15 PM »

Researchers have discovered that they are able to use the convenience Cortana offers as an easy way to penetrate the security of your PC, even when locked.

Independent security researchers Tal Be’ery and Amichai Shulman found that the Above Lock screen Cortana would navigate to websites even when your PC was locked and was thereby able to direct PCs to visit malware-infested websites and infect PCs without unlocking your machine.

To make this easier they attached a USB network adapter to the PC which redirected the PC from regular websites such as to their own malicious version.

They note that this could be the jumping off point for infecting other PCs on a network, as a single infected PC may (audible) start talking to other PCs on a network and use the same trick to infect them, rerouting their network via a technique called ARP poisoning.

The hack does require hackers to be in physical proximity to the PC, and of course, once you have physical possession of a PC in most cases the security game is over.

The hackers have informed Microsoft of the vulnerability, who have subsequently changed Cortana to direct all website visit requests to Bing first as a security check. The researchers are however continuing to explore the voice command space, as it is likely there are other ways to use the new user interface to gain access to a PC in unforeseen ways.

“We still have this bad habit of introducing new interfaces into machines without fully analyzing the security implications of it,” says Be’ery. “Every new machine interface that we introduce creates new types of vehicles to carry an attack vector into your computer.”

The researchers will be presenting their findings at the Kaspersky Analyst Security Summit in Cancun this week.

Read more about the hack at Motherboard here.


Pages: [1]
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines