“Hey Cortana, can you change my password?”

Do you ever save passwords to a text file on your computer? If you do, then Cortana – Microsoft’s assistant for Windows 10 – may allow someone to gain access to your computer even while it’s locked. This flaw was patched in the Microsoft Patch update released yesterday.

The security flaw relates to the fact that Cortana (which can be activated by saying Hey Cortana) can allow you to search files on a computer, view their contents, and execute shell commands using PowerShell or other tools. If one of these files contains your computer password, someone could use this to log into your computer and bypass any security you would otherwise have in place.

For more details, you can view the full write up at Bleeping Computer; and as always, make sure you install updates on your computer – it’s the best way to stay protected.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.