Researchers shared the word that they will demonstrate how they are able to bypass the password-protected Windows 10 lock screen and then install malware from a website, through Microsoft’s digital assistant, Cortana. 

Even when the Windows 10 system is locked and in sleep mode, Cortana still listens for specific voice commands, Israeli security researchers Tal Be’ery and Amichai Shulman found, reports myce; An attacker with physical access to a locked Windows 10 computer could insert a malicious USB network adapter to the system, connect it to a Wifi network (that is under his control),  and then use Cortana to start the browser and visit a non-HTTPS website. It’s possible to change Wifi networks, even when the system is locked, the researchers found.

Using the network adapter it’s then possible to intercept the HTTP request and to send the browser to a malicious website instead. From the malicious website, malware is downloaded and installed on the system. After the researchers warned Microsoft, the software giant solved the issued by forcing all browsing done through Cortana and a locked machine to go to its Bing search engine instead of directly to a web page.

Cortana still responds to other commands when locked, and the researchers are currently trying to find out what else they might get Cortana to do in a locked state.