McAfee discovers code execution vulnerability using Microsoft’s Cortana


Microsoft has improved the search feature in Windows 10 with
the Cortana digital assistant, and it's now easier to find the
information that you're looking for straight from Cortana with
a simple voice command. Earlier this month, at the
Insider Dev Tour in London, Microsoft revealed that more than
150 million people use Cortana across 13 countries.

On the other hand, the talented security researchers at McAfee
discovered a code execution vulnerability in the operating
system using Microsoft’s digital assistant, Cortana.

The McAfee Labs Advanced Threat Research team announced in a blog
post the discovery of a code execution vulnerability on Windows
10. The researchers used the default settings for Windows 10
and Cortana to “break” into a locked Windows 10 device.

It’s worth noting that the McAfee Labs Advanced Threat Research
team submitted the vulnerability details to
Microsoft on April 23, and the latest June 2018 patch
for Windows 10 includes the fixes for the disclosed
vulnerability.

“The vulnerability was submitted to Microsoft as part of the
McAfee Labs Advanced Threat Research team’s responsible
disclosure policy, on April 23. Attribution for this
vulnerability submission goes to Cedric Cochin, Cyber Security
Architect and Senior Principal Engineer,” McAfee’s security
researchers Cedric Cochin and Steve Povolny said in a
blog post.

This week’s Patch Tuesday from Microsoft contains fixes for
these issues under CVE-2018-8140.
Microsoft explains that the attacker would require physical
access to a Cortana-enabled system to exploit the
vulnerability. The attacker who successfully exploited the
vulnerability could execute commands with elevated permissions.

“An Elevation of Privilege vulnerability exists when Cortana
retrieves data from user input services without consideration
for status,” Microsoft explains. “The security update addresses
the vulnerability by ensuring Cortana considers status when
it retrieves information from input services.”


The McAfee Labs Advanced Threat Research team discovered three
attack vectors. The lock screen could be bypassed by using a
voice command in Cortana.

An attacker could search for confidential information and
files, locate sensitive information (it depends on the app
and restrictions), and execute arbitrary code from the lock
screen using Cortana, the security firm explains.

McAfee advises users to install the latest security patch on
Windows 10 to ensure a safe and secure experience.

Disclaimer: The information contained in this article
is based on a report from the McAfee Labs
Advanced Threat Research team. Windows Latest makes no claims
or guarantees about the accuracy or completeness of this
article, and shall not be held responsible for
anything we say in this article.


