Wednesday, April 17, 2024

Microsoft Cortana Vulnerability Allows Hackers to Break into your Locked Windows 10 PC

Microsoft Cortana Vulnerability that patched by Microsoft allows attackers to execute malicious code on the locked computer and gain access to the locked device without any user interaction.

Cortana is a virtual personal assistant that handles a number of tasks, it can get at reminders, telling jokes and to answer question Cortana uses Bing search engine.

The vulnerability was patched with the recently released Microsoft Tuesday patch that covers more than 50 Critical Vulnerabilities.

McAfee Security researcher Cedric Cochin identified the Cortana Elevation of Privilege Vulnerability and it was tracked as CVE-2018-8140.

Cochin says the problem is with Cortana default settings respond to any voice calling “Hey Cortana” from the lock screen which can be abused by the attackers to interact with the operating system even if the computer is locked.

By saying “Hey Cortana” users can bring a contextual menu on the locked device login screen, where users can type to search for files present in the system and the Cortana brings the results from indexed files and applications.

If you have the filename matching it shows the file location and if the content matches it presents the content itself.

Attackers can use these methods to execute dropped payload on the system as an administrator by just right-click on the file and “Run as administrator“.

Researchers used simple PowerShell command to execute the code that presents in the USB drive to bypass the policy and to reset the password to log in with the windows 10 machine.

To mitigate the attack users need to turn off Cortana on the lock screen and this issue has been resolved with the recently released Microsoft Tuesday security updates.

Also Read:

macOS Signature Validation Flaw Allows a Malicious Code Appeared to be Signed by Apple

VMware Released Security Updates for Critical Remote Code Execution Vulnerability

Malicious Chrome Extension Launch MitM Attack to Harvest User Logins & Passwords and Steal Money


Latest articles

Trustifi’s Email Security Awareness Training – Empowering MSPs to Train & Protect Clients

In today's digital landscape, email security has become a critical concern for businesses of...

Personal Data Exposed in Massive Global Hack: Understanding the Implications & Guarding Privacy- Axios Security Group

In a digital age where information is the new currency, the recent global hack...

Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges

Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange's smart contract by injecting fabricated...

Omni Hotels & Resorts Hack: Attackers have Stolen Customer Information

Omni Hotels & Resorts has revealed that it was the target of a recent...

Connect:fun Attacking Organizations Running Fortinet’s FortiClient EMS

A new exploit campaign has emerged, targeting organizations that utilize Fortinet’s FortiClient EMS.Dubbed...

TA558 Hackers Compromised 320+ Organizations’ FTP & SMTP Servers

TA558, a financially motivated threat actor identified in 2018, is targeting several countries but...

Blackjack Hackers Destroyed 87,000 Sensors Using Lethal ICS Malware

A group of cybercriminals known as "Blackjack" has launched a devastating attack on industrial...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles