Microsoft has issued a Windows 10 update that addresses a Cortana-related security flaw discovered by McAfee security researchers. The flaw enabled hackers to use Cortana, the digital assistant built into Windows 10, to execute malicious code from the Windows 10 lock screen UI.
The hacker would need to be physically interacting with your device. A single PowerShell script execution could lead to the password of your PC's account being modified or reset. The flaw also makes it possible to insert a USB drive into your PC and then use Cortana to open files on that USB drive.
The following illustrates how your Windows 10 PCs can be infiltrated via this Security Flaw:
- Trigger Cortana via “Tap and Say” or “Hey Cortana”
- Ask a question (this is more reliable) such as “What time is it?”
- Press the space bar, and the context menu appears
- Press esc, and the menu disappears
- Press the space bar again, and the contextual menu appears, but this time the search query is empty
- Start typing (you cannot use backspace). If you make a mistake, press esc and start again
- When done (carefully) typing your command, click on the entry in the Command category. (This category will appear only after the input is recognized as a command.)
- You can always right click and select “Run as Administrator” (but remember the user would have to log in to clear the UAC)
Microsoft issued a security update on June 12, which will take quite a while to reach various PCs. McAfee recommends turning off Cortana in order not to become a victim of this Cortana-related security flaw.
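One way to check whether a PC still allows Cortana on the lock screen while the update rolls out is sketched below. This is an added example, not code from McAfee or Microsoft. The function names are hypothetical, and the registry values used are the standard Windows 10 Cortana policy and preference settings, assumed here because the article does not list them.

```powershell
# Added example: audit (and optionally disable) Cortana on the lock screen.
# Registry locations are assumed standard Windows 10 settings, not from the article.
$PolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$UserPath   = 'HKCU:\Software\Microsoft\Speech_OneCore\Preferences'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Test-CortanaLockScreenExposure {
    $allowCortana   = Get-RegValue $PolicyPath 'AllowCortana'
    $allowAboveLock = Get-RegValue $PolicyPath 'AllowCortanaAboveLock'
    $userAboveLock  = Get-RegValue $UserPath   'VoiceActivationEnableAboveLockscreen'

    # Machine policy is checked first, then the per-user preference.
    if ($allowCortana -eq 0) {
        $exposed = $false; $reason = 'Policy AllowCortana = 0 (Cortana turned off)'
    } elseif ($allowAboveLock -eq 0) {
        $exposed = $false; $reason = 'Policy AllowCortanaAboveLock = 0'
    } elseif ($userAboveLock -eq 0) {
        $exposed = $false; $reason = 'User preference disables Cortana above lock (this user only)'
    } else {
        $exposed = $true;  $reason = 'Cortana on the lock screen is not explicitly disabled'
    }

    [pscustomobject]@{
        Computer              = $env:COMPUTERNAME
        LockScreenExposed     = $exposed
        Reason                = $reason
        AllowCortana          = $allowCortana
        AllowCortanaAboveLock = $allowAboveLock
        UserAboveLockSetting  = $userAboveLock
    }
}

function Disable-CortanaAboveLock {
    # Requires an elevated prompt: writes the machine-wide policy value.
    New-Item -Path $PolicyPath -Force | Out-Null
    Set-ItemProperty -Path $PolicyPath -Name 'AllowCortanaAboveLock' -Value 0 -Type DWord
}

Test-CortanaLockScreenExposure | Format-List
```

Run `Disable-CortanaAboveLock` from an elevated session only if the report shows the lock screen is still exposed; installing the June 12 update remains the actual fix.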
Physical security is paramount when it comes to data and this security Flaw no doubt goes to show that in a big way. Feel free to leave your opinion on this recent Windows 10 Security Flaw found by McAfee and addressed by Microsoft in its latest Security Update.