Windows 10 hacks via Cortana
What’s the threat?
Hackers can use Windows 10’s voice-activated assistant Cortana to penetrate your computer. That’s according to security researchers at Mcafee, who said they found a flaw in the operating system that let them launch Cortana from the lock screen, which is supposed to block access without a password.
In its blog post ( www.snipca.com/28193), Mcafee explained how it summoned Cortana by typing any key as the voice assistant listened to a spoken query. This meant researchers could control Cortana without logging in, letting them search files and programs, and change passwords (a hacker could do this to lock you out of your computer). In some cases they could read previews of what the files contained. Even worse, they could use Cortana to open malware stored on USB sticks plugged into the computer.
How can you stay safe?
On 12 June Microsoft released a security fix, which should have been installed automatically on your computer. To check, click the Start button, go to Settings, ‘Update & Security’, Windows Update, then click ‘Check for updates’. If Windows Update says your computer is up to date, you have all the updates available.
That will keep you safe for now, but Mcafee said its investigation into Cortana was “just scratching the surface” of the dangers posed by digital assistants. To protect yourself in future, it recommends disabling Cortana on the lock screen. Do this by clicking Cortana’s circle icon to the left of the search bar on your taskbar. Next, click the gear icon on the left pane, then, in the ‘Lock screen section’, turn the ‘Use Cortana even when my device is locked’ slider off (see screenshot).