Latest in Security

Image credit:

Cortana can be used to hack Windows 10 PCs

The lock screen isn't so secure after all.
Share
Tweet
Share

Sponsored Links

Engadget

Cortana might be super helpful at keeping track of your shopping lists, but it turns out it's not so great at keeping your PC secure. Researchers from McAfee have discovered that by activating Cortana on a locked Windows 10 machine, you can trick it into opening up a contextual menu which can then be used for code execution. This could deploy malicious software, or even reset a Windows account password.

The vulnerability stems from Cortana's ability to listen for commands even while the PC is locked, combined with regular indexing that makes files accessible in the search function that Cortana uses. Even though potential hackers would need physical access to your PC to do any damage, this could feasibly take place in an office or shared environment. Microsoft dealt with the issue in yesterday's "Patch Tuesday" update, but many machines won't have that yet, so McAfee suggests turning off Cortana on the lock screen to prevent any attacks.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The Arcwave Ion is designed to 'give men a female orgasm'

The Arcwave Ion is designed to 'give men a female orgasm'

View
iOS 14 review: Finally rid of the grid

iOS 14 review: Finally rid of the grid

View
Atari VCS backers should get their consoles 'very soon'

Atari VCS backers should get their consoles 'very soon'

View
Scientists find evidence of multiple underground lakes on Mars

Scientists find evidence of multiple underground lakes on Mars

View
Microsoft thinks remote workers need a 'virtual commute'

Microsoft thinks remote workers need a 'virtual commute'

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr