Microsoft Fixes a Major Cortana Vulnerability

Posted on June 13, 2018 by Paul Thurrott in Windows 10 with 13 Comments

Security researchers from McAfee discovered a major vulnerability in Cortana in Windows 10. Fortunately, Microsoft just fixed it.

(See, Google? This is how you can work with platform makers when you discover vulnerabilities.)

“June’s ‘Patch Tuesday’ is here, but it is likely many Windows 10 users have not yet applied these updates,” McAfee notes in a blog post describing the vulnerability. “If you have not, just be sure not to leave your laptop lying around.”

According to McAfee, prior to this week’s patch, an attacker with physical access could use “Hey, Cortana” to wake a sleeping or locked Windows 10 PC and run arbitrary code from the lock screen. McAfee then documented several ways in which this could happen. The results could include resetting the user’s password and taking over the PC and the user’s account.

“The easiest mitigation technique, in the absence of patching the device (which we strongly recommend), is to turn off Cortana on the lock screen,” McAfee adds. “This week’s Patch Tuesday from Microsoft contains fixes for these issues under CVE-2018-8140.”

“An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status,” the Microsoft patch description notes. “An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.”
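The mitigation McAfee recommends, turning Cortana off on the lock screen, can be audited and enforced from PowerShell. The script below is an added example and is not code from the article, McAfee or Microsoft; the registry paths and value names (`AllowCortanaAboveLock` under the Windows Search policy key, and `VoiceActivationEnableAboveLockscreen` under the per-user Speech_OneCore preferences) are assumptions about where Windows stores the "Use Cortana even when my device is locked" setting, so verify them against your own build before relying on the result. The KB number for the June 2018 update is not given in the article and is left as a placeholder.

```powershell
# Added example (not from the article, McAfee or Microsoft): audit whether Cortana
# can be reached from the Windows 10 lock screen, the stop-gap McAfee recommends
# until CVE-2018-8140 is patched. Registry locations are ASSUMPTIONS; verify them.

$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$policyName = 'AllowCortanaAboveLock'                # assumed: 0 = blocked by policy

$userPath   = 'HKCU:\Software\Microsoft\Speech_OneCore\Preferences'
$userName   = 'VoiceActivationEnableAboveLockscreen' # assumed: 1 = "Hey Cortana" above lock

function Get-RegValueOrNull {
    param([string]$Path, [string]$Name)
    try {
        (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name
    } catch {
        $null   # key or value absent
    }
}

function Test-CortanaAboveLock {
    # Returns an object describing whether the lock-screen voice path is exposed.
    $policy = Get-RegValueOrNull -Path $policyPath -Name $policyName
    $user   = Get-RegValueOrNull -Path $userPath   -Name $userName

    if ($policy -eq 0) {
        [pscustomobject]@{ Exposed = $false; Reason = 'Blocked by machine policy' }
    } elseif ($user -eq 1) {
        [pscustomobject]@{ Exposed = $true;  Reason = 'Voice activation enabled above the lock screen for this user' }
    } elseif ($null -eq $user) {
        [pscustomobject]@{ Exposed = $null;  Reason = 'Setting not present; check Settings > Cortana > "Use Cortana even when my device is locked"' }
    } else {
        [pscustomobject]@{ Exposed = $false; Reason = 'Above-lock voice activation disabled for this user' }
    }
}

function Disable-CortanaAboveLock {
    # Machine-wide policy, applies to every user; run from an elevated prompt.
    if (-not (Test-Path $policyPath)) { New-Item -Path $policyPath -Force | Out-Null }
    New-ItemProperty -Path $policyPath -Name $policyName -PropertyType DWord -Value 0 -Force | Out-Null
}

$state = Test-CortanaAboveLock
Write-Output ("Cortana above lock: exposed={0} ({1})" -f $state.Exposed, $state.Reason)

# Patching is the real fix. The article does not name the KB, so replace the
# placeholder with the June 2018 cumulative update for your Windows 10 build.
$kb = 'KB<PLACEHOLDER>'
if (Get-HotFix -Id $kb -ErrorAction SilentlyContinue) {
    Write-Output "$kb installed; CVE-2018-8140 fix present"
} else {
    Write-Output "$kb not found; apply Patch Tuesday updates, and consider Disable-CortanaAboveLock meanwhile"
}
```

Run the script as the logged-on user to read the per-user setting; `Disable-CortanaAboveLock` writes a policy value under HKLM and therefore needs administrator rights. A policy value of 0 wins over the user preference, which is why the check tests the policy first.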


13 responses to “Microsoft Fixes a Major Cortana Vulnerability”

  1. RM

    "(See, Google? This is how you can work with platform makers when you discover vulnerabilities.)" Google doesn't know what you are talking about; their whole purpose with being evil is to weaken Microsoft's products at the cost of everyone. ;)

  2. bbold

    Good to know!

    I have a question. If McAfee (and other antivirus programs) are truly 'bad' for our PCs (according to most techs I know, including Leo Laporte), then how is it that a company like McAfee (who reportedly is slow to respond to sudden attacks, security issues and malware incidents) is able to find this issue before Microsoft, who apparently has Windows Defender, which is 'just as good' as McAfee or any of the other AV programs? Makes me wonder if we should be switching to a third-party AV or just stick with Windows Defender. Any thoughts?

  3. Bats

    No word on the fix for Cortana's other vulnerability? Its uselessness?

  4. Winner

    ...but I thought Windows 10 was more secure than Windows 7 and 8?

    Those versions don't have the Cortana vulnerability.

    • JCerna

      In reply to Winner:

      So this type of vulnerability requires physical access to the machine. In Windows and Mac OS you can boot using a flash drive on almost any machine and then use simple commands to "hack" an account and do whatever you want. Heck, you could install software, viruses, whatever.

      Windows 10 is more secure than 7; that is a fact. You should never leave your device where others can access it locally, because at that point security is basically gone.

      • Winner

        In reply to JCerna:

        You can't really say Windows 10 is more secure. That takes years of experience. There have been vulnerabilities that are unique to Win 10 but not 7 or 8. Windows 10 may have more security features than earlier versions, but that is not the same as actual security. New features actually introduce vulnerabilities, and only with the benefit of 5-10 year hindsight can you really say which versions were better. Which is why it was ridiculous that, upon the release of Windows 10, it was claimed to be "the most secure Windows ever".

      • Tony Barrett

        In reply to JCerna:

        Windows 10 may be designed to be more secure, and I don't doubt that, but the majority of those monthly security fixes for Win7 and 8 are also applicable to Win10 - and Win10 has a much bigger attack surface with all those extra features!

        Win10 is just Windows underneath, built on the same monolithic kernel, so while MS seek to secure it from the outside world, internally, it's just as vulnerable.

  5. madthinus

    Great, so they can just sweet talk their way into my computer...

  6. PeteB

    Thank god I just delete Cortana from the install ISO with MSGS Toolkit so it can't even take root. #prevention