Report: Researchers find a Cortana vulnerability (already patched) which could bypass protection

99
Microsoft Cortana

If a report is believed to be true, Microsoft’s Cortana could
have been used to bypass the security protection of the Windows
10 operating system. It’s worth noting that the vulnerability
has already been patched in June by Microsoft.

At Black Hat in Las Vegas this week, security researchers
Amichai Shulman and Tal Be’ery from Kzen Networks revealed how
Cortana could be used to bypass the protections. The
vulnerability existed in Cortana and Microsoft has patched it a
while ago.

“Allowing interaction with a locked machine is a dangerous
architectural decision, and earlier this year, we exposed the
Voice of Esau (VoE) exploit for a Cortana vulnerability. The
VoE exploit allowed attackers to take over a locked Windows10
machine by combining voice commands and network fiddling to
deliver a malicious payload to the victim machine,” the
researcher explains.

“In this presentation, we will reveal the “Open Sesame”
vulnerability, a much more powerful vulnerability in Cortana
that allows attackers to take over a locked Windows machine and
execute arbitrary code. Exploiting the “Open Sesame”
vulnerability attackers can view the contents of sensitive
files (text and media), browse arbitrary web sites, download
and execute arbitrary executables from the Internet, and under
some circumstances gain elevated privileges. To make matters
even worse, exploiting the vulnerability does not involve ANY
external code, nor shady system calls, hence making code
focused defenses such as Antivirus, Anti-malware and IPS blind
to the attack,” they explained.

Disclaimer: The information contained in this article
is based on a report from Black Hat. Windows
Latest makes no claims, guarantees about the accuracy or
completeness in this article, and shall not be
held responsible for anything we say in this
article. 



i am as a writer and blogger...


Leave a Reply

Your email address will not be published. Required fields are marked *