Independent researchers discovered a particularly worrisome security vulnerability in Microsoft’s Windows 10. Especially for people who had installed their PC OS with the default settings, it can affect them.
Before we get started, are you wondering what is Cortana? well, Cortana is a virtual assistant created by Microsoft for Windows 10, Windows 10 Mobile, Windows Phone 8.1, that Invoke smart speaker. So this software can allow hackers to open Website on a PC through the voice command.
you'll notice, in the video above that the researcher issues the voice command voice and unlocks the PC with their password. The vulnerability doesn’t allow a bad actor to unlock your computer, but with physical access to your system, they could direct it to just about any website they wanted.
The scenario becomes even more concerning if the attacker has enough access/time to plug a USB drive/stick into the target PC. This combination of vulnerabilities could potentially allow a hacker to proliferate an attack against any computers connected to the same network.
By default, your system probably has “use Cortana even when my device is locked” enabled. We highly suggest fixing this problem by taking the following steps:
If you’ve got the Cortana search bar on your task bar click it and then click the settings icon. (If you’ve removed the search bar just click the Windows start button and select “Cortana” from the menu, then choose the settings icon).
Next, scroll down to the “Lock Screen” section and turn off “use Cortana even when my device is locked.”
For added security, you can disable “Let Cortana respond to “Hey Cortana,” which will require you to click on the microphone icon anytime you wish to use voice control.
If you have friends that actually using Windows 10, tell them about that bug so they can be safe like you. thank you!
Comments
Post a Comment