Skip to main content

Cortana could have been used to hack into Windows 10

Image Credit: Microsoft

While having Cortana on the lock screen of your Windows 10 device may be convenient, it could also put your system at risk according to a new discovery by researchers at McAfee

The security firm's researchers discovered that Microsoft's digital assistant could be summoned from the lock screen and used to execute malicious software. However, an attacker would first need physical access to a machine before they could infect it.

In a blog post (opens in new tab) on its site, McAfee explained exactly how a potential hacker would go about getting Cortana to index malicious files from a USB drive in order to execute them. The files used could be executables or even Powershell scripts that could be utilised to reset a user's account password in Windows 10. 

The attack itself takes advantage of how Microsoft's digital assistant is able to listen for commands while a device running Windows 10 is locked as well as the fact that the operating system regularly indexes files so that they can be available to Cortana's search interface. 

To protect your system from falling victim to such an attack, McAfee recommends disabling Cortana on the lock screen. While such an attack is still possible on unpatched machines, it is now less likely thanks to a recent security update from Microsoft to address the issue. 

Image Credit: Microsoft

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.