Windows 10 users are being urged to make sure their PCs are fully up-to-date as a serious vulnerability has been discovered which could give hackers full access to PCs.
McAfee Labs Advanced Threat Research team said they discovered that a PC could be targeted by using a voice command in Cortana.
Without needing passwords or facial recognition, cyber criminals could be able to search for confidential information or files and even execute arbitrary code from the lock screen simply by using Microsoft’s voice assistant.
Even more serious, is that McAfee’s research revealed that a Cortana bug allowed a payload to be installed from a USB stick, with the attacker then able to change the login credentials and get full access to the PC.
The vulnerability was submitted to Microsoft as part of the McAfee Labs Advanced Threat Research team’s responsible disclosure policy, on April 23.
In a post on their blog McAfee said: “June’s “Patch Tuesday” (June 12) is here, but it is likely many Windows 10 users have not yet applied these updates.
“If you have not, just be sure not to leave your laptop lying around!
“The patches in this cycle fix a code execution vulnerability using the default settings for Windows 10 and the “Cortana” voice assistant.”
Microsoft pushed out a fix earlier this week with the technology firm also keen to tell users that the exploit only worked if a hacker has access to the physical machine.
In a statement, the US technology firm said: “An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.
“To exploit the vulnerability, an attacker would require physical/console access and the system would need to have Cortana assistance enabled.
“The security update addresses the vulnerability by ensuring Cortana considers status when retrieves information from input services.”
It has not been a good week for Windows 10 or Microsoft with consumer champion Which? revealing many users are still facing issues with the popular software.
In a report published on their website, Which? said that half of Windows 10 users have experienced computer problems after installing the update.
The survey of more than 1,100 Which? members found the most common complaints following the update to Windows 10 included software compatibility issues, such as programmes not working properly, followed by hardware problems, such as printers and speakers losing their connection.
Alex Neill, Which? Managing Director of Home Products and Services, said: “Two years on from raising this issue with Microsoft, customers are still frustrated by this software and the poor customer service they are getting. What started out as a tech problem has become a huge customer service fail.
“Microsoft needs to finally engage with its customers, do more to fix the problem and pay out compensation, where appropriate.”
Mickleach.com is your news, entertainment, music & fashion website. We provide you with the latest news and videos straight from the entertainment industry.