Huge Cortana exploit allowed an attacker to bypass Windows 10’s lock screen


Windows 10 users will likely be concerned to hear that Cortana had major vulnerabilities, which allowed a malicious party to potentially bypass the lock screen – or easily view sensitive information from it – although the good news is that Microsoft has just patched these issues.

McAfee uncovered and documented the security flaws in a lengthy blog post. One simple issue was that you could trigger the voice assistant from the lock screen (which Cortana permits under its default settings) and bring up a contextual Windows 10 menu simply by typing while Cortana is listening to a query.

And the details of files – and possibly file contents – revealed in that contextual menu could potentially leak sensitive information from the locked laptop.

Beyond that, the security firm found that it was possible to exploit Cortana in order to execute code on the PC from the lock screen, allowing an attacker to trigger a backdoor dropped from, say, a previously successful phishing email attack.

Moreover, McAfee further demonstrated an exploit of the digital assistant that allowed a payload to be locally executed from a USB stick, with the result that the attacker could change the login credentials for the notebook, and get full access to the machine. Highly worrying indeed.

Privilege patch

As mentioned at the outset, Microsoft fixed these issues with its freshly released patch for Windows 10 (out yesterday).

As Windows Latest reports, the company noted: “An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status. The security update addresses the vulnerability by ensuring Cortana considers status when [retrieving] information from input services.”

So, if you do have Cortana running on the lock screen of your PC, this is a pretty critical security patch to download. And if you haven’t patched yet – as might be the case with business machines, where deployment of patches can be a thornier issue – then obviously it might be a good move to banish Cortana from the lock screen for the time being.
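For admins who want to act on that advice, here is an added PowerShell example (not from the article or from McAfee) that checks whether Cortana is allowed above the lock screen and, with `-WhatIf` removed, disables it via the "Allow Cortana above lock screen" policy. The machine policy key is the documented Group Policy location; the per-user preference path and value name are assumptions noted in the comments, and the policy write needs an elevated prompt.

```powershell
# Added example: audit whether Cortana can answer at the Windows 10 lock screen
# and optionally turn that off machine-wide. Run from an elevated prompt to apply.

# Machine-wide Group Policy "Allow Cortana above lock screen" (0 = disabled).
$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$policyName = 'AllowCortanaAboveLock'

# Per-user toggle behind Settings > Cortana > "Use Cortana even when my device is locked".
# ASSUMPTION: this path and value name are from memory, not from the article.
$userPath = 'HKCU:\Software\Microsoft\Speech_OneCore\Preferences'
$userName = 'VoiceActivationEnableAboveLockscreen'

function Get-RegValueOrNull([string]$Path, [string]$Name) {
    # Return the DWORD value, or $null when the key or value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-CortanaAboveLock {
    # $true when nothing on this machine stops Cortana answering at the lock screen.
    $policy = Get-RegValueOrNull $policyPath $policyName
    $user   = Get-RegValueOrNull $userPath $userName
    if ($policy -eq 0) { return $false }   # policy explicitly blocks it
    if ($user -eq 0)   { return $false }   # the current user switched it off
    return $true                           # unset or 1: allowed (the exposed state)
}

function Disable-CortanaAboveLock {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if ($PSCmdlet.ShouldProcess($policyPath, "Set $policyName = 0")) {
        New-Item -Path $policyPath -Force | Out-Null
        New-ItemProperty -Path $policyPath -Name $policyName -Value 0 `
            -PropertyType DWord -Force | Out-Null
    }
}

if (Test-CortanaAboveLock) {
    Write-Warning 'Cortana can be used from the lock screen on this machine.'
    Disable-CortanaAboveLock -WhatIf   # remove -WhatIf to apply the policy
} else {
    Write-Host 'Cortana is already blocked above the lock screen.'
}
```

The policy takes effect at the next policy refresh or sign-in; the per-user value is only read here, since the machine policy overrides it once set.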

McAfee further observes that it’s just scratching the surface of potential attack vectors that can be leveraged against digital assistants and via vocal commands, and that the firm intends to look much more deeply into finding vulnerabilities along these lines.

It’s obviously an important area to research, as we are inexorably heading towards a world in which AI virtual assistants are increasingly used to help you run many aspects of your devices and operating systems.


Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).