What is CORTANA?
CORTANA is an artificial intelligence-based smart assistant that Microsoft has built into every version of Windows 10 with the help of CORTANA we can do our task by only using the Voice command. CORTANA AI System recognized the voice and perform the steps according to that. Microsoft also integrates the CORTANA in also the EDGE Browser.
SO WHAT IS THE PROBLEM IN CORTANA?
By using the CORTANA we can Unlock the System Passwords!! Let us Discuss how??
This is an “Elevation of privilege vulnerabilities”Cortana retrieves data from user input services without consideration it.
If an attacker wants to perform this attack he needs to have physical access to the targeted system and the targeted system also needs to have Cortana enabled.
- How does it work?
An attacker uses the simple PowerShell script which he already stored in the victim machine.
Lock the computer
Trigger Cortana via “Tap and Say” or “Hey Cortana”
Ask a question such as “How are you?”
Press the spacebar, and the context menu appears
Press Esc and the menu disappears
Press the spacebar again, and the contextual menu appears, but this time the search query is empty
Start typing (you cannot use backspace). If you make a mistake, press Esc and start again.
When done (carefully) typing your command, click on the entry in the Command category.
You can always right click and select “Run as Administrator” (but remember the user would have to log in to clear the UAC)
So now you can call your stored PowerShell script. So Cortana helps you to run that file even if you are not logged in.
Example If you stored your file say pass.ps1.So you have to speak “PAS” to Cortana but if you say “pass” to Cortana it will not show you the pass.ps1.Because Cortana can be quite picky with verbal statements and there is no dictionary definition for “pass,” leading to Cortana inviting us to continue in Edge after unlocking the device.
Cedric Cochin of McAfee’s Advance threat research (ATR)team will demonstrate how it will be performed
- WHAT CAN YOU DO?
Microsoft had already released the patch for this vulnerabilities. So make sure you are regularly Updating your system. If not you can update your system by:
Clicking the Windows icon in your taskbar to open up the Start menu. (If you don’t already know, this icon is in the bottom left corner of your screen.)
1. Click “All Programs.”
2. Click, “Windows Update.”
3. After Windows Update opens, click “Check for Updates” on the top left side of the window.
4. Once Windows finishes checking for updates, click the “Install” button.
5. When the updates have finished installing, restart your computer (if prompted)
- Another solution is You can Also turn off the Cortana.
Don’t be afraid after reading about this vulnerability you can easily be secured from such vulnerabilities by following a security incident plane provided by a security vendor like Khanna security solution.
Contact Us Today to schedule a security audit for your assets.
Want to Know About “Can you Afford A Security Breach?” Read THIS