With the password locking security system Windows 10 has kept our devices pretty safe preventing any third party to access your computer. It also protects you device from malwares which could be induced into your system using USB. It was brought to our notice that two Israeli researchers have discovered a way to pass through the password protection with the help of cortana voice assistant.
Israeli researchers – Tal Be’ery and Amichai Shulman found some loopholes in Cortana which brought us to a surprise. Cortana voice assistant, enabled with the always listening feature responds to some voice commands even during the lock mode of your operating system. Knowing this fact it surely brings some chills down your body with a feeling of betrayal to your privacy.
Till what extent can a person use your system suing these commands? A person can access your device with these commands only if he has physical access by plugging USB enabled with a network adaptor. After which cortana voice assistant can be instructed to launch your browser and gain access to some site which does not use https. This adapter can then be used to cut-off the web session for redirecting your system to some malicious website. The next step, malware can be downloaded straight in your device.
Shulman’s quote reported by Motherboard was:
“We start with proximity because it gives us the initial foothold in [a] network…We can attach the computer to a network we control, and we use voice to force the locked machine into interacting in an insecure manner with our network…One of the things we saw was that even when a machine is locked, you can choose the network to which the machine is attached.”
However, the malware attack was successful because of this one flaw which cortana voice assistant has, to function during the system’s sleep time. Method used by the researchers was successful in infecting each and every device on the network by downloading the malware.
To ease your tense, the Israeli researchers brought this loophole to Microsoft’s notice to prevent the mishaps. Microsoft has brought the users back to safety by fixing this issue immediately. Also, the browsing done through Cortana on a locked system redirects to the Bing App rather than giving an access instantly to a web portal. It is very important to understand that your PC still might be in a risk with an outdated or pirated version of Windows 10 having an older version cortana voice assistant.
