Cortana flaw enables hackers to load malicious websites from the lock screen

Two independent Israeli researchers recently discovered that anyone with access to a Windows 10 PC could use Cortana and a USB-based network adapter to download and install malware even if the machine remained locked. This was accomplished using voice commands directed to Cortana, which could load up a malicious website in a browser without unlocking Windows. The PC could also be moved to a wireless network controlled by the hacker. 

The two researchers, Tal Be’ery and Amichai Shulman, presented their method in a session called, “The Voice of Esau: Hacking Enterprises Through Voice Interfaces” during the Kaspersky Analyst Security Summit in Cancun, Mexico, last week. Their attack relied on Cortana’s ability to keep the microphone active at all times to receive voice commands, especially PCs that aren’t restricted to a single user’s voice. The attack also required physical access to the target PC. 

In their scenario, a hacker could sit down in front of a locked Windows 10 PC and insert a network adapter into one of the USB slots. After that, the hacker could verbally tell Cortana to open the web browser and head to any specific HTTP-based address that doesn’t rely on a secure connection (HTTPS means the connection is encrypted). The inserted adapter receives the outgoing command but directs the web browser to a malicious website instead. 

The malicious destination is designed to download malware to the machine even though it’s still locked. After that, the PC is at the mercy of the hacker. As previously stated, a hacker with physical access to the Windows computer can switch to a wireless, malicious network through the USB adapter: just click on the destination using a mouse even though the PC remains locked. 

Windows 10 provides several settings regarding Cortana. For starters, device owners can toggle on or off the ability for the virtual assistant to respond to the “Hey Cortana” voice command. There is also a checkbox to prevent the device from sleeping when it’s plugged in so Cortana can respond to commands. Most importantly, there are two main settings for voice command acceptance: Let Cortana respond to anyone or lock Cortana to one specific voice. 

That is not all. There is a specific setting for the lock screen, enabling users to enable or disable voice commands while the PC remains locked. Windows 10 also provides a keyboard shortcut you can toggle to disable or enable Cortana commands after pressing the Windows logo key and the “C” key simultaneously.  

“We still have this bad habit of introducing new interfaces into machines without fully analyzing the security implications of it,” Be’ery said. “Every new machine interface that we introduce creates new types of vehicles to carry an attack vector into your computer.” 

Ultimately, Microsoft resolved the issue discovered by Be’ery and Shulman. Browser-based commands made to Cortana on the lock screen now go directly to Bing, the company’s search engine. But because Cortana responds to other commands, the duo is currently investigating how these commands can be used for malicious purposes as well. 


Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.

‘Fortnite’ security flaw let hackers spy on players through microphones

A security vulnerability found in Fortnite allowed hackers to gain access to other players' accounts, potentially letting them spy on conversations using the in-game microphone. It has been addressed.

Stop your PC's vow of silence with these tips on how to fix audio problems

Sound problems got you down? Don't worry, with a few tweaks and tricks we'll get your sound card functioning as it should, and you listening to your favorite tunes and in-game audio in no time.

Getting Windows 10 updated doesn't have to be so painful

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.

Could the next Microsoft HoloLens be announced at MWC 2019?

After not having a presence at Mobile World Congress for three years, Microsoft is now sending out media invites for a press conference on February 24 during the annual event in Barcelona. Could a next-generation HoloLens be on the way?

Microsoft to separate Cortana from search with the next version of Windows 10

Changes are on the way for two key features in Windows 10. A separation of Windows 10 search and Cortana will allow Microsoft to more often innovate on each of the features independently.

Nvidia’s next midrange card might be a GTX 1660 Ti, rumors suggest

Nvidia may be working on a non-RTX Turing graphics card called the 1660 Ti. Rumors suggest it will have around 20 percent fewer CUDA cores than the RTX 2060 and will lack ray tracing support.

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials and other data, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.

Convert your PDFs into convenient Word documents with Adobe or a free option

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.

From Samsung to HP, here are the best cheap Chromebook deals right now

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- with most…

Chromebook 13 vs. Google Pixelbook: Acer model takes on the king

Acer's Chromebook 13 is throwing tons of speed at the Chrome OS market, to go with a midrange build and traditional clamshell design. Is that enough to challenge the Google Pixelbook?

Data breach compromises 773 million records, 21 million passwords

A security researcher was alerted to a collection of breached data that included more than 773 million compromised records. After digging deeper, the breach was revealed to contain more than 21 million passwords.

Dell teases new XPS laptop with Intel’s 10th-gen Ice Lake for summer 2019

After teasing a mysterious Ice Lake-powered XPS laptop during Intel's keynote, Dell confirmed that it will announce a new 10th-generation Ice Lake-powered XPS laptop this year. The new XPS notebook could debut as early as summer.

Faster new PCIe 5.0 standard leapfrogs the best feature of AMD’s Ryzen 3

PCIe 5.0 will bring even faster data transfers, but it may only be found on HPCs and servers initially. The standard is four times faster than your current PC at transferring data, and new devices could appear later this year.