Israeli Researches Have Found a Way to Use Cortana to Bypass Windows 10 Password and Hack Your PC

(Last Updated On: March 7, 2018 2:04 pm)

If you felt your password was enough to protect your computer, it is time you change your mind. Yes, two researchers namely Tal Be’ery and Amichai Shulman from Israel have found a way to unlock Windows and insert a malicious malware by using Cortana.

Cortana, a voice command agent, or you can call it the ‘Siri of Microsoft’, is a preinstalled voice command software on Windows 10. While launching Cortana, Microsoft was very enthusiastic about the usage and progress of the software. However, while celebrating the success of the Cortana, Microsoft overlooked the security aspect of it.

Highly confident about the success of Cortana, Microsoft did not think of Cortana bypassing the mobile lock or desktop password and straightaway launching into a searched term. The two Israel based researchers not only compromised the password but also inserted the malware in the laptop.

They have told that anybody who has the physical access to the hardware can unlock the machine when it is password protected. By inserting a USB adapter and commanding Cortana with certain voice instructions, one can open the web page. The web page is not HTTP protected and redirects to a non-encrypted website.

This leaves an open network for the attackers to intercept the session in order to divert the system to the malicious website from where automated malware can be installed on the system straightaway.

Tal Be’ery, one of the two researchers, adds, “We still have this bad habit of introducing new interfaces into machines without fully analyzing the security implications of it.” He adds, “Every new machine interface that we introduce creates new types of vehicles to carry an attack vector into your computer.”

While at this point, the security problem is of the physical type, it can later affect the whole network. This way, attackers can take complete control of the entire network using the same voice commands on Cortana.

Microsoft on its part has understood the magnitude of the problem, its implications, and possible damages in the future. Therefore, in order to immediately address the issue, Microsoft redirected the browser to Bing upon unlocking by Cortana to avoid any network loopholes.

However, those who tested the new measures of Microsoft are not yet satisfied with security measures of Cortana. According to the researchers, the number of voice commands is more than one and there could be another set of voice commands that may help Cortana bypass the security net on mobile as well as on a laptop.

Researchers are said to be exploring more ways to see how Cortana can be manipulated using voice command. However, Microsoft really needs to think about the Cortana and its impenetrable security system and feature robustness.

For Microsoft, the remedy cannot end at Cortana but must address the same security issues in all upcoming software products as well if Microsoft wishes to stay ahead of the competitors.

Leave a Reply

The Samsung Galaxy F Render is what we’ve been expecting, a Foldable Galaxy Flagship
Snapchat New Update Comes with a Smoother Redesign which can be Enabled with Root
Google Pixel 2 XL or iPhone X – Which One Would Win the Battle?
Steve Jobs Wouldn’t Like iPhone 9’s New Feature
Android Apple Gaming How To Internet iPhone Personal Computers Review Site review The Top Best
Bioware Anthem
Everything we know about Bioware Anthem – Release Date, Features, Rumors and News

Anthem is an action-packed role-playing game from Bioware, the developers of...

CD Projekt's Cyberpunk 2077 Mike Pondsmith
CD Projekt’s Cyberpunk 2077 Release Date, Features, Rumors and News

At the closure of the E3 press conference, the subtle hint...

Apple iphone 9 2018
iPhone 2018 and iPhone 9: Release Date, Specifications, Features, Rumors and News

Apple will be launching three new phones this September, but one...