Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Bypassed Windows Password Locks With Cortana Voice Commands (vice.com)

Posted by msmash on from the security-woes dept.

Two independent Israeli researchers found a way for an attacker to bypass the lock protection on Windows machines and install malware by using voice commands directed at Cortana, the multi-language, voice-commanded virtual assistant that comes embedded in Windows 10 desktop and mobile operating systems. From a report: Tal Be'ery and Amichai Shulman found that the always-listening Cortana agent responds to some voice commands even when computers are asleep and locked, allowing someone with physical access to plug a USB with a network adapter into the computer, then verbally instruct Cortana to launch the computer's browser and go to a web address that does not use https -- that is, a web address that does not encrypt traffic between a user's machine and the website. The attacker's malicious network adapter then intercepts the web session to send the computer to a malicious site instead, where malware downloads to the machine, all while the computer owner believes his or her machine is protected.

5 of 90 comments (clear)

  1. Physical access by Gavagai80 · · Score: 4, Informative

    Since this requires physical access, I propose an alternate method: unscrew the laptop and put whatever devices you want inside.

    --
    This space intentionally left blank
  2. History repeats by lucasnate1 · · Score: 4, Interesting

    In the past, you could hack into old windows machines by pressing F1 at password prompt. If the help file was missing, it would ask you to browse and find it, which would allow you to right click on executables and run them. Nice to see that some things never change.

    --
    Avantgarde Hebrew science fiction
    1. Re:History repeats by thegarbz · · Score: 4, Interesting

      You didn't even need a missing help file. If you could open the help bubble you could right click and click print. Then from the print dialogue you could open a proper windows help screen. From there if you opened the index search and opened a different help topic you'd get a full windows help screen with menubar. Then just click file, open, navigate to the windows folder, right click on explorer.exe and run it.

  3. Physical access by chaotixx · · Score: 4, Informative

    If a determined attacker has physical access to your machine you've lost via any number of methods.

  4. Marketing over security by swb · · Score: 4, Insightful

    Wow, what a fail by Microsoft. It should be beyond obvious to anyone with a pulse that not providing a way to completely disable Cortana opens computers up to an entire Pandora's box of security vulnerabilities.

    It's totally obvious Microsoft is just jamming this down everyone's throat, especially business users, because they know they can get big (and mostly bullshit) "adoption" numbers and operational data for Cortana.

    Of course the larger problem is nobody wants Microsoft's bullshit attempts to re-invent themselves as Google, Amazon/Alexa or Apple/Siri. So they will cram it down everyone's throats and get some minor level of usage just because it's there even though it aggravates most everyone else.