Cortana Vulnerability: A voice command makes locked machine browse a Non-HTTPS site

7AyW0lCCyGI/default.jpg

Using Cortana voice commands attacker can make a locked machine browse a Non-HTTPS site (e.g. CNN).
The vulnerability was responsibly disclosed to Microsoft and already patched.
Part of "THE VOICE OF ESAU: HACKING ENTERPRISES THROUGH VOICE INTERFACES " presented @ Kaspersky SAS 2018 by Amichai Shulman and Tal Be'ery

7AyW0lCCyGI/default.jpg
Cortana Vulnerability: A voice command makes locked machine browse a Non-HTTPS site Cortana Vulnerability: A voice command makes locked machine browse a Non-HTTPS site Reviewed by Anonymous on March 07, 2018 Rating: 5