google-site-verification: google30a059f9a075f398.html

Hackers can use your Window 10 Cortana to open websites, even if your PC is locked

CyberWisdom Safe Harbor Commentary on Window 10 Cortana

This story from compares an obvious in the referenced link (below) video, you notice that the researcher made a voice command and then used their password to unlock the PC from Window 10 Cortana. This vulnerability does not allow a bad character to unlock your computer, but by physically accessing your system, they can point it to whatever website they want.

By accessing your computer, especially the computer’s microphone, these “hackers” may cause them to visit malicious websites. They may even hijack your processor for crypto currency mining or installing malware.

And, as we have previously reported, you can use voice assistants to deceive noise that humans cannot hear. It is conceivable that such attacks may occur in crowded offices. Hackers will only play audio files from the phone – may pretend to answer the phone or watch the video – and nearby systems may receive hidden messages.

The situation becomes even more severe if an attacker has sufficient access/time to insert a USB drive/stick into the target PC. This combination of vulnerabilities could allow hackers to attack any computer connected to the same network. Damn!

By default, your system may “use Cortana even when the device is locked when enabled.” We strongly recommend that you solve this problem by taking the following steps:

Window 10 Cortana Vulnerability

If you have a Cortana search bar on your taskbar, click it, and then click the settings icon. (If you have already removed the search bar, just click the Windows Start button and select “Cortana” from the menu and select the Settings icon).

Next, scroll down to the “Lock screen” section and turn off “Use Cortana even when my device is locked.”

More Window 10 Cortana Precaution


For added security, you can disable “let Cortana respond to ” Hey Cortana, which will require you to click the microphone icon whenever you want to use voice control.

Read More…

A pair of independent researchers yesterday uncovered a particularly worrisome security vulnerability in Microsoft’s Windows 10. If your PC’s OS was installed with default settings this could affect you. The simple “hack” involves activating Cortana via voice command to open websites on a PC that’s been locked. In the above video, you’ll notice the researcher issues the voice command and then unlocks the PC with their password. The vulnerability doesn’t allow a bad actor to unlock your computer, but with physical access to your system they could direct it to just about any website they wanted. With access to your This story continues at The Next WebOr just read more coverage about: Cortana,Windows Engaging post, Read More…

thumbnail courtesy of

If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post » Hackers can use your Window 10 Cortana to open websites, even if your PC is locked