CVE-2018-8140 flaw was referred to Microsoft on April 23 at first, got repair in the patch Tuesday activity this month subsequently. This flaw can use the flaw of Cortana to realize 3 different attack, include to retrieve confidential information, log onto a lock to decide equipment to be able to be even on Suo Bing interface executive code. This flaw is studied by the safety of McAfee the expert discovers, need simple input only " Pas " a lot of documents that can make Cortana search very much include phrase start.
Because Cortana depends on index to undertake inquiring, so final result is you can visit all sorts of password files, can match caption even or file content, can examine the whole way of file position, it is the content in the file is waited a moment even. In addition Cortana still has the more serious flaw that carry power, can let Cortana be in the interface that lock up screen is interactive moment does not need to consider user condition.
Besides a few complex attack methods, mcAfee still shared a kind of simple method, can change in the interface that lock up screen land a proof:
1. is passed " Tap And Say " or " Hey Cortana " will activation Cortana
Does 2. seek advice from such as " now when? " such problem
3. presses blank space bolts next, appear right key menu
4. presses Esc key-press. Menu sale
5. presses blank space bolts again, right key menu appears, but this search inquiry is empty
6. begins an input (cannot use the key-press that return case right now) , if be defeated by a fault, press Esc please and begin afresh
7. is being finished (careful) after the command is inputted, click enter Command kind eye (look only input identifying is moment of a jussive to just can appear this kinds)
8. you are OK at any time right key chooses " move with administrator mode " (but remember please, after the user needs to login, ability clears UAC) .
Company of security of sth resembling a net of this outer net still offerred a paragraph of video to reveal how to exploit this loophole. And this flaw power is striking, do not be confined to change a code, more powerful baleful PowerShell script is carried out below the situation that still can not need to login in the interface that lock up screen. Only requirement needs physics to visit these systems namely, need aide of activation number speech.
In the patch Tuesday activity this month Microsoft had released KB4284819 to accumulate newer rehabilitate this problem, recommend an user to be finished as soon as possible so upgrade.