- Cortana on Windows 10 can give an attacker with physical access to a locked machine access to a browser without lock screen authentication.
- A similar bypass, discovered by McAfee in June, was patched by Microsoft.
- Microsoft had already patched the vulnerability before the exploit was made public.
McAfee Security found yet another Windows 10 lock screen vulnerability that gives an attacker access to Internet Explorer or Microsoft Edge without requiring lock screen authentication. With Microsoft Edge, the attacker can navigate to any URL; with Internet Explorer, access is possible only to sites using the user's saved credentials. The attack relies on a Cortana bug that partially bypasses the lock screen and grants browser access.
McAfee described how the exploit works: “a Cortana privilege escalation leads to forced navigation on a lock screen. The vulnerability does not allow an attacker to unlock the device, but it does allow someone with physical access to force Edge to navigate to a page of the attacker’s choosing while the device is still locked.”
In June, McAfee found a similar Cortana bug that allowed a full login bypass. With the voice assistant found vulnerable multiple times, it is recommended to disable Cortana on the lock screen (it is enabled by default) if other people can physically access your desktop, tablet or laptop. The issues have been fixed as part of Microsoft’s August update, and if you have not updated to the latest version of Windows, McAfee recommends doing so.
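As an added example (not from the article or from McAfee), the following PowerShell snippet audits and, from an elevated prompt, applies the Group Policy-backed registry value that disables Cortana above the lock screen on Windows 10; the policy path and value name are the standard ones for the "Allow Cortana above lock screen" policy and are assumed to apply to your build.

```powershell
# Added example: audit and enforce "Allow Cortana above lock screen" via its
# policy-backed registry value. Changing it requires an elevated prompt.
$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$valueName  = 'AllowCortanaAboveLock'   # 0 = Cortana not available on the lock screen

function Test-CortanaAboveLockDisabled {
    # Returns $true only when the policy value exists and is 0.
    # If the value is absent, the Windows default (enabled) applies, so report $false.
    $item = Get-ItemProperty -Path $policyPath -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return ($item.$valueName -eq 0)
}

function Disable-CortanaAboveLock {
    # Create the policy key if it does not exist, then set the DWORD to 0.
    if (-not (Test-Path $policyPath)) { New-Item -Path $policyPath -Force | Out-Null }
    New-ItemProperty -Path $policyPath -Name $valueName -PropertyType DWord -Value 0 -Force | Out-Null
}

if (Test-CortanaAboveLockDisabled) {
    Write-Output 'Cortana above lock: disabled by policy'
} else {
    Write-Output 'Cortana above lock: NOT disabled by policy; applying the policy value'
    Disable-CortanaAboveLock
    Write-Output ('Cortana above lock disabled now: {0}' -f (Test-CortanaAboveLockDisabled))
}
```

The check reports only the policy setting; keeping the machine on the current Windows update, as the article recommends, is still required for the underlying fix.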
Another exploit was discovered earlier that used a BadUSB device disguising itself as a network interface card. The device could inject content into secure websites and force Cortana into web navigation. Even with the newer exploits McAfee discovered, forcing navigation is still possible with some added effort. While Microsoft’s smart assistant is highly useful, the tech giant needs to improve the app's security, as it can pose severe security risks for public computers and Windows devices with multiple users.