Windows has finally fixed a bug that enabled hackers to gain access to a Windows computer through the operating system’s voice assistant Cortana. The problem was first spotted by McAfee which informed Microsoft about the issue in late April.
Hackers could exploit the vulnerability to gain access to a locked computer. Microsoft fixed the bug Tuesday, June 12.
Cortana is a voice assistant just like Amazon’s Alexa, Apple’s Siri, or Google Now, which enables you to browse the web, find info on your computer, and perform basic tasks remotely.
Hackers were able to access a computer through the voice assistant. McAfee found that a code execution flaw dubbed CVE-2018-8140 could be exploited by malicious actors to reset the password from the Windows 10 lock screen, access personal data, and run malicious code.
You Can Disable Cortana Manually
Even if you haven’t installed the latest patch, you can protect your computer by manually disabling the voice assistant from the computer’s lock screen. McAfee researchers were able to get into up-to-date versions of the operating system through the glitch.
Experts assured users that the vulnerability is not as dangerous as it sounds. The hacker needs to have access physically to the computer and ensure that he matches Cortana with precise commands. So, it is highly unlikely that regular users have used the exploit to access your computer.
McAfee praised Microsoft for the new patch and added that the vulnerability needs further investigation. It is worrisome that hackers can now access a computer via a voice assistant, as the technology has become increasingly popular in recent years.
We are just scratching the surface of the amount of research that should be conducted in this critical area,
McAfee said in a written statement.
Image Source: Flickr