Security researchers bypass lockscreen and install malware through Cortana

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Mar 7, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    38,904
    Likes Received:
    7,567
    GPU:
    AMD | NVIDIA
    airbud7 likes this.
  2. Fox2232

    Fox2232 Ancient Guru

    Messages:
    10,772
    Likes Received:
    2,709
    GPU:
    5700XT+AW@240Hz
    Seen those exploits with USB raspberry which pretended to be network adapter, dns, overriding network metric without any action and if browser was running on locked system with any site set up in client regular refresh request, it was hijacked. And apparently instantly stolen all cookies too. But it would not install anything on system, Cortana is what she looks like.
     
  3. Koniakki

    Koniakki Ancient Guru

    Messages:
    2,843
    Likes Received:
    443
    GPU:
    ZOTAC GTX 1080Ti FE
    This is just a Government cover-up.

    We all know Cortana turned evil in Halo 5! ;)
     
  4. sverek

    sverek Ancient Guru

    Messages:
    6,099
    Likes Received:
    2,948
    GPU:
    NOVIDIA -0.5GB
    "Hey, Cortana it's me your brother, remove login password please".

    M$ bloatware turning into malware.
     

  5. fantaskarsef

    fantaskarsef Ancient Guru

    Messages:
    11,700
    Likes Received:
    3,676
    GPU:
    2080Ti @h2o
    Yeah, well... who's surprised by that, not me.
     
  6. alanm

    alanm Ancient Guru

    Messages:
    9,632
    Likes Received:
    1,826
    GPU:
    Asus 2080 Dual OC
    Never used cortana. First thing I disable after a 10 install.
     
    Clawedge likes this.
  7. HK-1

    HK-1 Master Guru

    Messages:
    632
    Likes Received:
    276
    GPU:
    XFX RX460
    hehe here no problem my OS simply don't have this useless "thing":p:D
     
  8. KissSh0t

    KissSh0t Ancient Guru

    Messages:
    8,011
    Likes Received:
    2,069
    GPU:
    ASUS RX 470 Strix
    Cortana, Sing me a song.

    Cortana, Uninstall Yourself.
     
    alanm likes this.
  9. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,637
    Likes Received:
    6,506
    GPU:
    GF RTX 2070 Super
    "An attacker with physical access to a locked Windows 10 computer could insert a malicious USB network adapter to the system"

    Too complicated. Attacker could just tie you and torture until you tell him all the passwords.
     
    AsiJu likes this.
  10. deusex

    deusex Master Guru

    Messages:
    578
    Likes Received:
    57
    GPU:
    Nvidia 2080 Ti FE
    Does anyone even used this garbage Cortana??? To me its just annoying feature.
     

  11. nosirrahx

    nosirrahx Master Guru

    Messages:
    262
    Likes Received:
    80
    GPU:
    HD7700
    As soon as I figured out how to completely remove it before install with MSMG toolkit it hasn't been on a single system I have built. No one wants its.
     
  12. AsiJu

    AsiJu Ancient Guru

    Messages:
    6,528
    Likes Received:
    1,639
    GPU:
    -
    Yes, if anyone with malicious intent has physical access to your PC something's gone wrong elsewhere.

    Still, seems like every other day some "mega-exploit" is found.
    Soon WU will roll out a security update:

    "Cumulative Update for XXXX version of Windows 10: prevents all access to Windows 10.
    Please save your work before rebooting"

    xD
     
    321Boom and mbk1969 like this.
  13. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,637
    Likes Received:
    6,506
    GPU:
    GF RTX 2070 Super
    Popping up a blocking dialog with text "Update is about to reboot your PC. Press Cancel to postpone", and only with button OK.
     
    AsiJu likes this.
  14. Monchis

    Monchis Maha Guru

    Messages:
    1,304
    Likes Received:
    36
    GPU:
    GTX 950
    The most bloatware the more things can go wrong, always wanted to be able to uninstall that crap.
     
  15. XP-200

    XP-200 Ancient Guru

    Messages:
    5,414
    Likes Received:
    940
    GPU:
    Zotac GTX 1080 Mini
    So disable Cortana(who even uses this. lol), and disable USB powered in sleep and hibernate, and wake up when in sleep mode via USB.....there, sorted. lol
     

  16. maikai

    maikai Maha Guru

    Messages:
    1,307
    Likes Received:
    46
    GPU:
    NVIDIA 1070 Ti FE
    I actually use Cortana every day, she way better then siri or google and soon shell have integration with alexa. I use her to control my home lights etc. I also have a windows phone. people use the exact same fregging things on iphones and google phones and amazon devices every single day, so what do you guys mean who even uses this? its all the same thing only different companies......
     
  17. lucidus

    lucidus Ancient Guru

    Messages:
    11,857
    Likes Received:
    1,378
    GPU:
    .
    What if Cortana gave away all your passwords to attackers because you called her Siri in your sleep? :p
     
    Koniakki and mbk1969 like this.
  18. tsunami231

    tsunami231 Ancient Guru

    Messages:
    10,664
    Likes Received:
    617
    GPU:
    EVGA 1070Ti Black
    I dont even have mic connected to my pc and i have my iphones mic disable for apps and I disabled siri. I dont like the idea that my computer or phone is constantly listening to me and the surroundings let alone camera be constantly on even if not not being used, both could be on and the person would never know. special if there person that turned them didnt want you to know. which why I dont have camera on my pc either.

    I subject I think there "security researchers" need to stop out security flaws and stuff in to publicly, thats how meltdown and spectre went off the rails
     
    Last edited: Mar 7, 2018
  19. TheSarge

    TheSarge Master Guru

    Messages:
    805
    Likes Received:
    14
    GPU:
    MSI GTX 1080 GAMING X
    I disable Cortana the usual way and then the advanced way.
    The advanced way is to:

    1) log in as administrator
    2) navigate to C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy
    3) right-click on SearchUI.exe and click Properties
    4) Click the Security tab
    5) Click the Advanced button
    6) At the top, on the "Owner" line, click "Change"
    7) Click apply and OK
    8) open that page again and click the login name that is your Administrator account
    9) click Edit
    10) give yourself full controll
    11) Ok, apply, OK, yes, OK, Ok
    12) renamed SearchUI.exe to renamedSearchUI.exe

    Congratulations, you've killed Cortana, at least until Microsoft resurectes it via Windows Update.
     
  20. airbud7

    airbud7 Ancient Guru

    Messages:
    7,835
    Likes Received:
    4,732
    GPU:
    pny gtx 1060 xlr8
    I use Google microphone ....I can even have a few drinks and it still understands me...

    In fact, I just wrote that^(and this) and never touched my keyboard.
     

Share This Page