Windows 10: McAfee discovers code execution vulnerability using Microsoft’s Cortana

Discus and support McAfee discovers code execution vulnerability using Microsoft’s Cortana in Windows 10 News to solve the problem; Microsoft has improved the search feature in Windows 10 with Cortana digital assistant, and it’s now easier to find the information that you’re looking... Discussion in 'Windows 10 News' started by WinLatest, Jun 12, 2018.

  1. WinLatest New Member

    McAfee discovers code execution vulnerability using Microsoft’s Cortana


    Microsoft has improved the search feature in Windows 10 with Cortana digital assistant, and it’s now easier to find the information that you’re looking for straight from Cortana with simple voice command. The talented security researchers at McAfee discovered a code execution vulnerability in the operating system using Microsoft’s digital assistant, Cortana.

    McAfee Labs Advanced Threat Research team in a blog post announced the discovery of a code execution vulnerability on Windows 10. The researchers have used default settings for Windows 10 and the Cortana to “break” into a locked Windows 10 device.

    It’s worth noting that McAfee Labs Advanced Threat Research team submitted the vulnerability details to Microsoft on April 23, and the latest June 2018 patch for Windows 10 includes the fixes for the disclosed vulnerability.

    “The vulnerability was submitted to Microsoft as part of the McAfee Labs Advanced Threat Research team’s responsible disclosure policy, on April 23. Attribution for this vulnerability submission goes to Cedric Cochin, Cyber Security Architect and Senior Principle Engineer,” McAfee’s security researchers Cedric Cochin and Steve Povolny said in a blog post.

    This week’s Patch Tuesday from Microsoft contains fixes for these issues under CVE-2018-8140. The attacker would require physical access to a Cortana-enabled system to exploit the vulnerability. The attacker who successfully exploited the vulnerability could execute commands with elevated permissions.

    “An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status,” Microsoft explains. “The security update addresses the vulnerability by ensuring Cortana considers status when retrieves information from input services.”

    McAfee Labs Advanced Threat Research team discovered three attack vectors. The locked screen could be bypassed by using a voice command in Cortana.

    An attacker could search for confidential information and files, locate and sensitive information (it depends on the app and restrictions), and execute arbitrary code from the lock screen using Cortana.

    Disclaimer: The information contained in this article is based on a report from McAfee Labs Advanced Threat Research team. Windows Latest makes no claims, guarantees about the accuracy or completeness in this article, and shall not be held responsible for anything we say in this article.

    The post McAfee discovers code execution vulnerability using Microsoft’s Cortana appeared first on Windows Latest

    Weiterlesen...
     
    WinLatest, Jun 12, 2018
    #1

  2. Can I install updates via McAfee Vulnerability Scanner

    Is it advisable to install all the updates that the McAfee Vulnerability Scanner finds, and download and install them through McAfee? Thought I would be getting notifications from Microsoft on needed updates. They listed several Windows 10 updates and a
    few program updates like Adobe Flash Player for Windows 10 and Shockwave Player. I've always received notifications from Adobe in the past when Flash Player needed an update. Is this new way or is McAfee just intruding?

    McAfee Vulnerability Scanner Update List- Original Title
     
    KirbyJHancock, Jun 13, 2018
    #2
  3. Cortana can't hear me

    Hi Isidora,



    Thank you for posting in Microsoft Community.

    I regret the inconvenience caused to you. Let me help you.




    • Do you see any error code or error message on the screen?
    I suggest you to go through the below methods and check if it helps.

    Step 1:

    I suggest you enable settings in the Playback Devices and check if it helps.

    Follow the below steps:

    • Right click on the speaker icon on your taskbar.
    • Select Playback Devices.
    • Click on the Playback Devices and right click on the
      Speakers/Headphones.
    • Check mark on the Show Disabled Devices and
      Show Disconnected Devices.
    If the issue persists the follow the below step.

    Step 2:

    I suggest you to refer to the following Microsoft article on Cortana can't hear me and check if it helps.

    http://windows.microsoft.com/en-US/Windows-10/cortana-cant-hear-me

    Reference: Refer to the following Microsoft article on
    Cortana & search.

    Check if it helps.



    I hope the issue will be resolved. If not, please feel free to contact us again. We will be happy to assist you accordingly.



    Thank you.
     
    Aswin_Anand, Jun 13, 2018
    #3
Thema:

McAfee discovers code execution vulnerability using Microsoft’s Cortana

Loading...
  1. McAfee discovers code execution vulnerability using Microsoft’s Cortana - Similar Threads - McAfee discovers code

  2. MS17 -010 Microsoft SMBv1 Remote Code Execution Vulnerability , patch provided by the...

    in Windows 10 Gaming
    MS17 -010 Microsoft SMBv1 Remote Code Execution Vulnerability , patch provided by the...: Dear Microsoft Team ,MS 17 - 010 Microsoft SMBv1 Remote Code Execution Microsoft SMBv1 Remote Code Execution Vulnerability.Dear Microsoft Team , Need assistance on MS17 -010 Microsoft SMBv1 Remote Code Execution Vulnerability patch along with the KB number , patch provided by...
  3. 3D Builder remote code execution vulnerability

    in Windows 10 Gaming
    3D Builder remote code execution vulnerability: Removed all instances including provisioned of 3DBuilder save for one that is listed as "staged" with no package user info other than {S-1-5-18}. Any way of getting rid of this hopefully via powershell? It seems to be triggering a Tenable.io plugin but I'm wondering if it is...
  4. 3D Builder remote code execution vulnerability

    in Windows 10 Software and Apps
    3D Builder remote code execution vulnerability: Removed all instances including provisioned of 3DBuilder save for one that is listed as "staged" with no package user info other than {S-1-5-18}. Any way of getting rid of this hopefully via powershell? It seems to be triggering a Tenable.io plugin but I'm wondering if it is...
  5. 3D Builder remote code execution vulnerability

    in AntiVirus, Firewalls and System Security
    3D Builder remote code execution vulnerability: Removed all instances including provisioned of 3DBuilder save for one that is listed as "staged" with no package user info other than {S-1-5-18}. Any way of getting rid of this hopefully via powershell? It seems to be triggering a Tenable.io plugin but I'm wondering if it is...
  6. Critically severe Windows vulnerability discovered

    in Windows 10 News
    Critically severe Windows vulnerability discovered: In May 2017, the WannaCry ransomware attack swept the globe, affecting computers that used Microsoft Windows. During the attack, users' files were locked and a ransom in Bitcoin was demanded in exchange for their release. It hit hundreds of thousands of computers globally and...
  7. McAfee discovers new Windows 10 Cortana vulnerabilities that could manipulate locked systems

    in Windows 10 News
    McAfee discovers new Windows 10 Cortana vulnerabilities that could manipulate locked systems: Today, McAfee has announced that it has discovered a new vulnerability in Windows 10’s Cortana digital assistant which could be used to manipulate locked systems with physical access. It’s worth noting that the two new flaws have been addressed as part of Microsoft’s August...
  8. HP Ink Printers Remote Code Execution Vulnerability

    in Windows 10 News
    HP Ink Printers Remote Code Execution Vulnerability: SUPPORT COMMUNICATION- SECURITY BULLETIN Document ID: c06097712 Version: 2 HPSBHF03589 rev. 2 - HP Ink Printers Remote Code Execution Notice:: The information in this security bulletin should be acted upon as soon as possible. Release date : 01-Aug-2018 Last updated :...
  9. CVE-2018-8245 Microsoft Publisher Remote Code Execution Vulnerability

    in Windows 10 News
    CVE-2018-8245 Microsoft Publisher Remote Code Execution Vulnerability: A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects. An attacker who successfully exploited the vulnerability could force arbitrary code to be executed in the...
  10. New Microsoft Edge vulnerability discovered

    in Windows 10 News
    New Microsoft Edge vulnerability discovered: Trailing along a number of vulnerabilities across Microsoft’s range of products recently, yet another major security flaw has been discovered. This time by security researcher Manuel Caballero, this latest flaw enables the theft of cookie and password data in Microsoft Edge,...