Vulnerability Exposed in Windows Devices via Cortana

Target: Windows systems with Cortana enabled.


Attack Vector: Intercepting web sessions or connecting a target machine to a network controlled by a threat actor.

Summary: While passwords are generally seen to protect computers and limit any threat unless the password can be bypassed, two Israeli researchers have found this is not the case with Windows devices. Using Windows voice assistant Cortana, similar to Siri and Google Assistant, threat actors can carry out operations despite the target machine being locked. What is notable is that other voice assistants, manufactured by Apple and Google, offer limited functionality when the machine is locked. Cortana offers far greater functionality than others, leaving Windows systems exposed.

Risk assessment summary: This threat is assessed as 4C LOW. The flaw is very easy to exploit, with less skilled threat actors also possibly being able to carry out a successful exploit. There are multiple threat vectors, which offer a threat actor a wide range of further attack options. Threat actors are also able to choose what type of malware or virus they drop on a target machine, increasing the risk. However, threat actors would generally need physical access to a machine, lowering the chances of the initial attack.

Leave a Reply

Your email address will not be published. Required fields are marked *