
Cortana lets hackers into Windows even when it’s locked

On the surface, Cortana seemed like an outstanding addition to the Windows OS. Not only was it outstanding, but it was also necessary as a technology upgrade given the way people have really begun to rely on their devices for more than just basic tasks.

Similar to things like Google Home and Amazon Alexa, Cortana — through Windows — is able to respond to voice commands and act as a virtual assistant. It can help out in a variety of different ways and with many kinds of tasks, and in theory, is a great thing to have around.

Yet, as is often the case, there is a bit more here than meets the eye. Specifically, there is a flaw, a vulnerability, that turns Cortana into something that does plenty more harm than good.

Your assistant will lead people into the computer

A couple of Israeli researchers discovered that Cortana will listen and respond to voice commands even if the computer is locked, including commands that browse directly to websites. Because of that, it essentially gives hackers an easy pathway toward issuing voice commands to your locked Windows 10 PC and directing it to non-HTTPS sites.

How it works

The hack requires a USB network adapter that, after it has been attached to a PC, intercepts the PC's traffic and sends it to a site the hacker has stocked with malware. With only a mouse, the hacker can connect the PC to any Wi-Fi network.

There is some good news

Most hacks involve us accidentally downloading a malicious file or visiting a bad site. This one, however, needs the hacker to have actual, physical contact with your computer in order to plug in the USB network adapter. No access, no hack.

What to do once they do have access

Unfortunately, once the hacker is able to connect their USB adapter, the one infected computer can then lead them to others that are connected to the same network. Using what is called ARP poisoning, the infection can spread: the initially compromised PC tricks the others on the local wireless network into sending their incoming traffic to the bad network.

So, while it may be difficult for the hacker to gain access to the computer, they will only need to get to one before doing a significant amount of damage.

How do we fix this?

The first thing you can do is make sure no one accesses your computer who shouldn’t, which can be done by setting it to require a password after a certain amount of time being inactive. As for the Cortana problem, Microsoft is aware, and their first step was to pass all of Cortana’s internet requests through Bing.

That helps, but it does not fix the issue of Cortana being accessed even when the PC is locked. That can be disabled, though. Just go to “Cortana & Search Settings” and, where it says “Lock Screen,” click to turn it off.

This style of attack is similar to what is known as a “Dolphin Attack,” in which people would take advantage of assistants like Siri and Alexa by issuing voice commands. It is also possible to trigger them by encoding commands in frequencies above 20,000 Hz, which is the known limit for the human ear.
