Voice activated personal assistants are supposed to make our lives easier, which is why tech companies are building them into everything. Amazon’s range of smart speakers come pre-installed with Alexa, while smartphones ship with Siri, Google Now or Cortana depending on the manufacturer.
You can even find digital assistants built into your home computer now too. Ever since Windows 10 was released, PC users have been able to issue voice commands via Cortana just like they do using their phones.
Researchers uncover a new bug
Cybersecurity experts and hackers are constantly trying to find gaps and flaws that allow them to break into computers. And because Cortana is relatively new, the virtual assistance has been under intense scrutiny.
Sure enough, a flaw has been discovered that allows hackers to break into a Windows 10 PC using Cortana voice commands – even when it is locked. The problem is that Cortana is always listening. Although this is meant to make your life easier, it means that anyone can issue voice commands to the computer.
Normally it would be impossible to install malware or hack the computer while it is locked. But Cortana circumvents the usual safeguards, allowing a hacker to execute the commands that will install malware.
Don’t panic just yet
Cortana cannot be forced into downloading malware from the Internet or other computers – but it can be used to run scripts and other executables from a USB drive. This is good and bad news. Bad because Cortana can be tricked into installing malware, good because it can only be done with physical access to your computer.
If you can keep hackers out of your house, they won’t be able to access your computer. There is also no proof that the Cortana bug has been exploited by hackers yet.
Protect yourself
Just because the chances of falling victim to this particular hacking technique are rare, doesn’t mean you shouldn’t take steps to protect yourself. First, you must disable Cortana on the lock screen – you can find a complete guide here. Note that Cortana will still function normally once your computer is unlocked.
Next, you must install a reliable antivirus suite like Panda Dome. Panda Dome will detect malware and viruses automatically and prevent them being installed – by Cortana or any other method.
Finally, you must update Windows 10 regularly to patch these vulnerabilities as quickly as possible. Microsoft has already released an update address the Cortana flaw. You can download the patch directly from Microsoft Security TechCenter, or use Windows Update to fix this and other issues automatically.
With the patch applied, you can decide whether to re-enable Cortana on the lock screen or not.
Don’t wait
Every security risk needs to be fixed as soon as possible. Use the instructions above to bring your PC security up-to-standard – and don’t forget to download your free trial of Panda Dome either. You can learn more here.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
Panda Free Antivitus
FREE TECHNICAL SUPPORT
