Researchers Find a Backdoor Into Windows 10 Through Cortana

Forum Moderators: open

Message Too Old, No Replies

Researchers Find a Backdoor Into Windows 10 Through Cortana

engine

7:00 pm on Mar 7, 2018 (gmt 0)

According to a report, researchers have found a back door into Windows 10 via Cortana voice commands which could allow bad actors to install malware.

Tal Be'ery and Amichai Shulman found that the always-listening Cortana agent responds to some voice commands even when computers are asleep and locked, allowing someone with physical access to plug a USB with a network adapter into the computer, then verbally instruct Cortana to launch the computer's browser and go to a web address that does not use https—that is, a web address that does not encrypt traffic between a user's machine and the website. The attacker's malicious network adapter then intercepts the web session to send the computer to a malicious site instead, where malware downloads to the machine, all while the computer owner believes his or her machine is protected. Researchers Find a Backdoor Into Windows 10 Through Cortana [motherboard.vice.com]

IanCP

8:21 pm on Mar 7, 2018 (gmt 0)

Now who would have ever thought that any such thing was possible?

</sarcasm>

engine

9:16 am on Mar 8, 2018 (gmt 0)

Well, yes, and this, of course, is, without doubt, not the only voice control which could cause similar problems.

keyplyr

10:04 am on Mar 8, 2018 (gmt 0)

1st thing I did was remove Cortana & all associated files from my desktop computer... not that I had imagined it as a security vulnerability, but just didn't want it in my machine.

It's still in my Surface though, although I don't think I've ever accessed it and I've never turned on the Mic.

So if this hack needs someone to be physically present to do the deed, there are other safeguards in place...

BEWARE OF DOG!

IanCP

9:10 pm on Mar 8, 2018 (gmt 0)

1st thing I did was remove Cortana & all associated files from my desktop computer...

Ditto for myself - anything I didn't find useful for me personally - I have always removed.

It reminds me back in the days when a large PC hard drive was even smaller than many files today. A friend who was more software savvy than most of us was raging on about how "Micro$oft Bloatware" was unnecessarily consuming his precious hard drive space.

He wrote a small utility which listed and ultimately quarantined all M$ files which had not been used in the previous twelve months. They were quarantined to another spare drive or to floppies.

I can't remember precise details beyond it being in the days of DOS and a Windows version earlier than 3.1. What I do remember was that the quarantine directory folder sizes were almost as large as the retained files on drive C:\ necessary for operation of his PC.

Ever since those decades back - I always remember "Micro$oft Bloatware" as being mostly unnecessary. Most people don't even know it.

tangor

11:10 pm on Mar 8, 2018 (gmt 0)

Cortana reinstalls during some updates. Might check that. Hackers don't care if you turn off the mic, they can turn it on. (Smarter than we are).

Physically secure your systems as well as adding as much software protection you can.

keyplyr

12:02 am on Mar 9, 2018 (gmt 0)

No, Cortana never reinstalled. It won't if your remove the DLL files (there are 6) and turn it Off in bios.

tangor

2:54 am on Mar 9, 2018 (gmt 0)

YMMV, three of my clients have had Cortana come back from the dead. You must have lucky bytes. Has your search experience remained good (local)?

keyplyr

3:53 am on Mar 9, 2018 (gmt 0)

I rarely use my Windows desktop machine for local search.

My Android mobile phone is so much better at it and connects seamlessly to Google's driving navigation app... and that's when I need it, when I'm out looking for local businesses & locations.

But no, I've not seen any impact on Bing (Windows) search by removing Cortana.