Israeli Researches Have Found a Way to Use Cortana to Bypass Windows 10 Password and Hack Your PC

(Last Updated On: March 7, 2018 2:04 pm)

If you felt your password was enough to protect your computer, it is time you change your mind. Yes, two researchers namely Tal Be’ery and Amichai Shulman from Israel have found a way to unlock Windows and insert a malicious malware by using Cortana.

Cortana, a voice command agent, or you can call it the ‘Siri of Microsoft’, is a preinstalled voice command software on Windows 10. While launching Cortana, Microsoft was very enthusiastic about the usage and progress of the software. However, while celebrating the success of the Cortana, Microsoft overlooked the security aspect of it.

Highly confident about the success of Cortana, Microsoft did not think of Cortana bypassing the mobile lock or desktop password and straightaway launching into a searched term. The two Israel based researchers not only compromised the password but also inserted the malware in the laptop.

They have told that anybody who has the physical access to the hardware can unlock the machine when it is password protected. By inserting a USB adapter and commanding Cortana with certain voice instructions, one can open the web page. The web page is not HTTP protected and redirects to a non-encrypted website.

This leaves an open network for the attackers to intercept the session in order to divert the system to the malicious website from where automated malware can be installed on the system straightaway.

Tal Be’ery, one of the two researchers, adds, “We still have this bad habit of introducing new interfaces into machines without fully analyzing the security implications of it.” He adds, “Every new machine interface that we introduce creates new types of vehicles to carry an attack vector into your computer.”

While at this point, the security problem is of the physical type, it can later affect the whole network. This way, attackers can take complete control of the entire network using the same voice commands on Cortana.

Microsoft on its part has understood the magnitude of the problem, its implications, and possible damages in the future. Therefore, in order to immediately address the issue, Microsoft redirected the browser to Bing upon unlocking by Cortana to avoid any network loopholes.

However, those who tested the new measures of Microsoft are not yet satisfied with security measures of Cortana. According to the researchers, the number of voice commands is more than one and there could be another set of voice commands that may help Cortana bypass the security net on mobile as well as on a laptop.

Researchers are said to be exploring more ways to see how Cortana can be manipulated using voice command. However, Microsoft really needs to think about the Cortana and its impenetrable security system and feature robustness.

For Microsoft, the remedy cannot end at Cortana but must address the same security issues in all upcoming software products as well if Microsoft wishes to stay ahead of the competitors.

More on this topic

Leave a Reply

samsung Galaxy A20
Samsung Galaxy A21s Getting Ready for the US Market?
Motorola Razr specs
Motorola Razr Foldable Phone to be Released on February 6
GTA 6 – Tax Returns Hint at Early Release; May Coincide with PS5 and Xbox Series X Launch
iphone 12
iPhone 12 – Apple Likely to Change Color from Midnight Green to Navy Blue
Android Apple Gaming How To Internet iPhone Personal Computers Review Site review The Top Best
advantages and disadvantages of Netflix
Advantages And Disadvantages Of Netflix

Netflix is one of the most popular streaming services. It allows...

Do You Really Need A New Phone? Ask Yourself These 5 Questions

Are you considering an option to buy a new smartphone? It...

Android vs iPhone
Android vs iPhone: Which One To Buy?

It’s time to buy a new smartphone and you are thinking...