Two security researchers from Israel found ways to download malicious programs onto a locked Windows PC using Microsoft's voice assistant, Cortana. Cortana has not only become a good helper for ordinary users, but may also be a good helper for hackers.
Not long ago, Microsoft upgraded Cortana so that users can use the virtual voice assistant while the computer is locked. The feature is not surprising in itself: Apple's Siri and Google Assistant offer the same on smartphones. Under normal circumstances, when a device is locked, the functions available to the user are very limited; at least, that is how Google Assistant and Apple's Siri behave. Cortana, however, is different from those two.
Users can have Cortana open a website even when the computer is locked. After receiving the instruction, Cortana dutifully opens the website, but this is meaningless to the average user because the opened page is not displayed on the lock screen. In the eyes of hackers, however, this feature opens the door to accessing the computer without authorization, and even to interfering with other computers on the same network.
The two researchers plugged a USB device with a network adapter into the computer. The device intercepted the computer's network requests and redirected them to another site that hosted the malicious program. That site then automatically downloaded and installed malicious software on the computer. Once the computer is infected, it can use a variety of methods to infect other computers on the same network.
Microsoft said it already knows about the flaw, but its response has drawn ridicule: when a user asks Cortana to open a web page while the computer is locked, Cortana no longer opens the requested site but redirects to a Bing search instead. However, this approach still allows Cortana to respond to instructions while the computer is locked. Security researchers are currently looking for other, similar ways to use Cortana to bypass the computer's lock password. The only temporary solution is to set Cortana to respond only to your voice, so that other people's voice commands are ignored by the system. (Month constant)