Saturday, October 12, 2024
HomeComputer SecurityMicrosoft Cortana Vulnerability Allows Hackers to Browse With Your Locked Computer

Microsoft Cortana Vulnerability Allows Hackers to Browse With Your Locked Computer

Published on

Malware protection

A new privilege escalation vulnerability with Cortana allows an attacker with physical access to do unauthorized browsing on the locked system.

Security researchers form Mcafee observed two different scenario’s, in the first scenario attackers, can force Microsoft Edge browser to navigate to the URL hosted in attacker’s server, with the second case an attacker can use limited Version IE browser with the victim credentials and impersonate as a victim.

With the previous Cortana Vulnerability CVE-2018-8140 Allows Hackers to Break into your Locked Windows 10 PC.

- Advertisement - SIEM as a Service

Cortana Vulnerability – Edge

With the first scenario, the privilege escalation vulnerability allows an attacker to force navigation the locked screen and all the attacker needs to have a physical access to the device and this vulnerability does not allow an attacker to unlock the system.

Cortana is a virtual personal assistant and brings the search results to form the Bing, researchers spotted the links offered are clickable even though the device is locked. This allows an attacker to force navigation to a website.

To accomplish this researcher’s registered the available domain that pointed in the website link and asked Cortana to search for “Miss Aruba” with the locked device and the Cortana retrieves the result. With the appeared results the links appeared to be clickable.

Cortana Vulnerability

By clicking the link they observed the Edge browser retrieves the content even though the device remains in the locked state.

“This attack could occur at a coffee shop, retailer, bank, or against targeted individuals. This configuration is the default on Windows, and our research has shown that many users never disable Cortana from the lock screen.”

Cortana Vulnerability – Internet Explorer

With the system locked researchers asked “Hey Cortana, I want to sell my house” based on the query it offers the results for Real Estate Search and Haunted house.

Cortana Vulnerability

By selecting Real Estate Search it takes to a login screen that contains a link to Privacy Policy and the privacy policy section contains the social media links such as Facebook or YouTube. So it leads to reaching the social media from the system locked screen.

Cortana Vulnerability

“One potential attack scenario arises if a corporation offers a mechanism to reset Windows credentials via a web server but does not require users to re-enter the old password. One could simply navigate to the reset link, input a new password, exit the limited navigator, and unlock the device with the newly set password, all from a locked computer.”

Both of the new flaws have been fixed with the Microsoft’s August update, the best mitigation is to turn off Cortana on the lock screen.

Also Read:

macOS Signature Validation Flaw Allows a Malicious Code Appeared to be Signed by Apple

VMware Released Security Updates for Critical Remote Code Execution Vulnerability

Malicious Chrome Extension Launch MitM Attack to Harvest User Logins & Passwords and Steal Money

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication

Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication...

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Digital Wallets Bypassed To Allow Purchase With Stolen Cards

Digital wallets enable users to securely store their financial information on smart devices and...

Best SIEM Tools List For SOC Team – 2024

The Best SIEM tools for you will depend on your specific requirements, budget, and...

Europe’s Most Wanted Teenage Hacker Arrested

Julius “Zeekill” Kivimäki, once Europe's most wanted teenage hacker, has been arrested.Kivimäki, known for his involvement with the notorious Lizard Squad,...