A Vulnerability in Cortana, Now Patched, Allowed Attacker To Access a Locked Computer, Change Its Password (bleepingcomputer.com) 59
Catalin Cimpanu, reporting for BleepingComputer: Microsoft has patched a vulnerability in the Cortana smart assistant that could have allowed an attacker with access to a locked computer to use the smart assistant and access data on the device, execute malicious code, or even change the PC's password to access the device in its entirety. The issue was discovered by Cedric Cochin, Cyber Security Architect and Senior Principle Engineer at McAfee. Cochin privately reported the problems he discovered to Microsoft in April. The vulnerability is CVE-2018-8140, which Microsoft classified as an elevation of privilege, and patched yesterday during the company's monthly Patch Tuesday security updates. Further reading: Microsoft Explains How it Decides Whether a Vulnerability Will Be Patched Swiftly or Left For a Version Update.
Re: (Score:3)
Welcome to Slashdot. The first post is always something about Donald Trump, "gay n*****s", apping apps for luddites, or, if you are very very lucky, something about Golden Girls and cosmonauts.
If you are very very unlucky, it's spam about a custom hosts file.
Re: I patched my system ages ago (Score:1)
How to Uninstall and remove the MS A.I. Node key logging spyware known as Cortana :
https://winaero.com/blog/how-to-uninstall-and-remove-cortana-in-windows-10/
Re: (Score:1)
Re: (Score:2)
How to Uninstall and remove the MS A.I. Node key logging spyware known as Cortana :
https://winaero.com/blog/how-to-uninstall-and-remove-cortana-in-windows-10/
Running Process Explorer https://docs.microsoft.com/en-... [microsoft.com] if searchUI is listed Cortana is running
I dual boot Linux Mint, from there I rename the file X:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy by adding -something to the end of it.
I don't uninstall it as each update reinstalls it (last one did).
Re: (Score:2)
I dual boot Linux Mint, from there I rename the file X:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy by adding -something to the end of it.
I don't uninstall it as each update reinstalls it (last one did).
I've had to remove the rename, leaving the directory as it was.
This update crates a new directory with the same name adding close to 30 new .DLL's. Rebooting and removing same as it claims update didn't work. Next time I reboot it runs the update again - it's a stand off.
After updating, renamed the directory again and all is fine.
So those who uninstalled, I can only imagine the mess they are in.
Bounty (Score:3)
He better have gotten a huge bug bounty for that. Remove code and auth changes via Cortana? That's gotta be worth at least the $10k PornHub paid for their PHP remote code execution (which wasn't even a PornHub bug, but a PHP one; so that company collected the PHP bounty on top of it as well).
Re: Bounty (Score:1)
He go a thank you note and a box of tissues. Better luck next year champ.
Re: (Score:2)
If so, he will probably sell on the vulnerability market for >> 100k next time. People want to be honest, but the conditions need to reasonably support that decision.
So, given the pace of new features in Win10 (Score:5, Insightful)
How long before this bug is re-introduced?
It's continually blows my mind people *voluntarily* use Win10...the track record of show-stopping problems with this OS is well known.
Re: (Score:2, Funny)
Re: (Score:3)
And then you look at what most Fortune-500 companies actually run internally, and you find it is not Win10. I know, for example, one that finished the migration to Win7 only 2 years ago or so and will not move to Win10 at all. Instead they will move to web-terminals and Servers on RHEL. Win10 is a very bad deal for everybody (including, funnily, MS), and a lot of people are seeing that pretty clearly.
Re: (Score:2)
I can tell you first hand that #13 on that 500 list is Windows 10 wall-to-wall at the workstation. And #41 and #368 are Win 7/10 mix. Both will remain there for the foreseeable future.
Fortune 500 companies employee 28.2 million people worldwide. Average that out, and those three examples above represent about 169,000 seats. It's a drop in the bucket, sure, but I bet if you really took an *honest* look at what F500 companies actually run internally (at the workstation) you w
Re: (Score:2)
What are you even talking about? I pointed out an example that does run Win7 and does not intend to ever go to Win10. And you are talking about "Win7/10"? Have you by accident responded to the wrong posting?
Re: (Score:2)
I'm going to disagree with this one, "Win10 is a very bad deal for everybody (including, funnily, MS),"
I work for MS, on Windows; we don't
Re: (Score:2)
Re: (Score:2)
There are a lot of people that are unable to make a distinction between "new" and "good idea". At least that is the only explanation for this stupidity I have.
Re: (Score:2)
Re:So, given the pace of new features in Win10 (Score:5, Insightful)
If I went to the trouble to change the default to a different program, that should be a pretty clear indication that I don't want to use the default Microsoft program. Please stop bugging me about it. This is supposed to be an operating system that I paid for, not an advertising platform. I'm worried we're headed down the same path as Cable TV - where originally you paid for cable so you wouldn't have to watch ads like on broadcast TV. But soon the cable channels figured out they could charge you for the channel AND put ads in their programming.
Re: (Score:3)
Indeed. It is not that MS has gotten even more incompetent. It is that they just do not have what it takes to run a release model like the one of Win10.
Re: (Score:2)
My personal estimation is they always were about this incompetent, but with massive effort managed to hide part of it before. I may be wrong, of course, and the very decision to go to the model Win10 uses may be an indicator in that direction.
Cortana is like Internet Explorer (Score:2)
Re: (Score:3)
Step 1: Open administrator command prompt .old at the end so Windows can't start it any more.
Step 2: Kill Explorer
Step 3: Kill all the Cortana processes (Explorer automatically restarts them)
Step 4: Using administrator command prompt, Rename C:\windows\SystemApps\Microsoft.Windows.Cortana_something to have
Warning: May possibly break Windows Update? Not sure.
Cortana == Clippy Junior (Score:2)
I thought so from the start, but when they made it so you couldn't fully disable Cortana, then I knew it for sure.
Just like Office of the Clippy era, it's introducing vulnerabilities you can't fix unless you hack the system beyond Microsoft's specifications.
Did you have to simply say "Please"? (Score:1)
Re: (Score:2)
You have a fundamental misunderstanding there: "sudo" gives you the power of command, you know, like in the *nix world. Saying "please" is a thing you need to do in Windows only, where you are a lowly user to be interfaced but not empowered.
Past tense? (Score:3)
"Microsoft has patched a vulnerability in the Cortana smart assistant that ALLOWS an attacker with access to a locked computer to use the smart assistant and access data on the device, execute malicious code, or even change the PC's password to access the device in its entirety."
The patch was released 1 day ago. This vulnerability still exists for every Cortana-equipped computer that has not yet been updated.
And how many people refuse to update because updates have a history of breaking things?
Not vulnerable anymore (Score:3)
Re: (Score:2)
Re: (Score:2)
Since it is not feature stable, I will go ahead and call Win10 "alpha" quality.
Re: (Score:2)
In Windows up to version 7, the order is "updates accommodating the old code". The new things works but your old aplications (and some of then can be indeed very old) keeps working;
In Linux the order is "updates breaking the old code". The new things works but only luck will make your old applications work;
And now, to my dismay, the order in Windows 10 is also "updates breaking the old code".