Skip to main content

Now fixed, Cortana exploit allowed anyone to bypass the Windows 10 lock screen

McAfee Labs reports that Microsoft fixed a problem with Cortana that allowed anyone to read sensitive information on the Windows 10 lock screen and bypass the screen altogether. At the core of the issue was the file indexing process used by Windows 10 and Cortana’s contextual menu for manually asking the virtual assistant questions. 

If enabled, Cortana can be present on the Windows 10 lock screen so that anyone can ask her questions, not just the owner of the locked device. Prior to the fix, if you activated Cortana verbally but instead began typing your query manually, a contextual menu appeared. The problem was that all displayed results stemmed from indexed files and applications. 

Windows 10 keeps an index of all files and installed applications used on your PC so you can easily search for those items. This system also includes a method to peek inside your files and index their content. You can see the list of indexed file types by heading to “Indexing Options” on the Control Panel and navigating to the File Types tab after clicking “Advanced.” You’ll see that many file types are marked as “Index Properties and File Contents.” 

That said, you could initiate Cortana and manually begin searching for documents. Thus, if you kept a list of passwords in a text file named “passwords,” Cortana would display that file and its current location on the locked Windows 10 PC. 

“If the match is driven by file name matching, then you will be presented with the full path of the file,” McAfee’s report states. “If the match is driven by the file content matching, then you may be presented with the content of the file itself. Keep in mind that the entire user folder structure is indexed, which includes the default location for most documents but also for mappings like OneDrive.” 

But the problem didn’t just revolve around hunting down stored passwords. If the search located any document, script, or text file, it would be loaded by the associated editor and presented once the device owner logged onto Windows 10. The same could be said when loading Calculator, Notepad, and other programs from the contextual menu. That means you could essentially run malware on the PC without unlocking it. 

The deal with running malware using Cortana is that you need to be personally associated with the target PC, such as accessing your boss’ laptop or a company workstation storing secrets. One method of attack required dropping an executable file or PowerShell script on the target PC through file sharing or a disguised email attachment. Thus, the boss could open the file, unknowingly drop malware onto his PC, and then you sneak into the office and launch the executable or script from the lock screen. 

But the problems didn’t stop there. Using a string of inputs and an inserted USB stick, the team managed to reset a locked PC’s password using a PowerShell script from Cortana’s contextual menu, thus gaining access to the entire PC. 

Microsoft fixed the Cortana exploit on Tuesday, June 13.

Editors' Recommendations

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Windows 11 now no longer lets you use the old Windows 10 Start Menu
The new windows 11 start menu.

Changes to the Start Menu have been the most noticeable and controversial feature of Microsoft's new Windows 11 operating system. But in the early builds of Windows 11, retrieving the old Windows 10 Start Menu was always just a few clicks in Settings away. According to the changes made in the latest version of Windows 11, however, that's no longer the case.

The shift happened in the second build of the Windows 11 beta software, which is now available through the Windows Insider program. Among other notable changes to the Start Menu, Microsoft has apparently removed the option from Settings entirely, leaving you with the bright and shiny new Start Menu whether you like it or not. And yes, that means there's no option for left-aligning the Taskbar either.

Read more
Update your Windows PC now to fix this critical PrintNightmare security flaw
Person sitting and holding Dell XPS 13 laptop on their lap.

You might have heard the news about "PrintNightmare," a vulnerability in the Windows Print Spool service that could leave hackers in control of your PC under certain conditions. After raising concern about it, Microsoft has officially issued a patch that resolves the issue and the company urges all Windows users to install it as soon as possible.

Though unrelated, Microsoft is also aware of a separate issue raised on July 16 relating to the spooler service that is yet to be patched and is working on a separate fix, coming later. This involves local (physical) access to a PC and potentially allowing hackers to install programs and view, change, or delete data via the spooler service.

Read more
The biggest problems with Windows 10, and how to fix them
Windows 10 home screen

Since its release in 2015, Windows 10 has served as a popular operating system that improved features from previous versions while offering greater flexibility and customization options. The launch was plagued with a variety of issues, but subsequent updates have improved the product immensely. Although there are several common issues that you may encounter when using Windows 10, it's nothing that can't be solved with a bit of know-how. Here are eleven of the biggest problems with Windows 10 and how to fix them.
Problem: Not enough space for updates
Depending on the size of your hard drive and how full it is, hearing about the release of a new update may leave you dreading the next time you boot up your PC. Naturally, few people want to have to choose between important data and applications and a functioning computer, but that's exactly where you'll be if you leave it too long.

Head to the Control Panel and review your applications to see if there are any you can do without or haven't used in a long time.
Consider investing in a thumb drive or external hard drive to let you free up space by transferring files.
Empty your recycle bin or download a free tool to help manage your hard drive quickly and easily.

Read more