A Cortana bug meant hackers could change the password on locked PCs, but they had to ask really, really politely… by which I mean execute a bizarre series of steps.
The vulnerability, since patched by Microsoft, started with an attacker saying “Hey Cortana” and then typing. That triggered a bug that allowed anyone to search for files on a locked PC. Attackers could then right-click the search results, which really opened things up. Here’s Catalin Cimpanu, writing for Bleeping Computer:
Users can access the right-click menu after…triggering Cortana. This menu includes various sensitive options, such as “Open file location,” “Copy full path,” “Run as Administrator,” or, the more dangerous one, “Run with PowerShell.”
Yeah, once someone can run PowerShell scripts you’re pretty much hosed. Microsoft has since patched this issue, but if you’re still concerned, consider disabling Cortana on the Windows 10 lock screen, just to be sure.
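
One way to check that lock-screen setting from PowerShell, as an added example rather than anything from the article or from Microsoft. It assumes the registry locations used by the Windows 10 "Allow Cortana above lock screen" policy and by the per-user Cortana lock-screen toggle; the function names are made up for illustration.

```powershell
# Added example: audit (and optionally enforce) Cortana being off on the lock screen.
# Assumption: these are the registry locations behind the Windows 10 policy
# "Allow Cortana above lock screen" and the per-user toggle in Cortana settings.
$PolicyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$PolicyValue = 'AllowCortanaAboveLock'
$UserKey     = 'HKCU:\Software\Microsoft\Speech_OneCore\Preferences'
$UserValue   = 'VoiceActivationEnableAboveLockscreen'

function Get-RegDword {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent, meaning the Windows default applies.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Get-CortanaLockScreenState {
    $policy = Get-RegDword -Path $PolicyKey -Name $PolicyValue
    $user   = Get-RegDword -Path $UserKey   -Name $UserValue
    # Policy value 0 blocks Cortana above the lock for every user on the machine;
    # otherwise the per-user toggle decides. Absent values do not count as blocked.
    $blocked = ($policy -eq 0) -or ($user -eq 0)
    [pscustomobject]@{
        MachinePolicy       = if ($null -eq $policy) { 'not configured' } else { $policy }
        UserSetting         = if ($null -eq $user)   { 'not configured' } else { $user }
        BlockedOnLockScreen = $blocked
    }
}

function Disable-CortanaAboveLock {
    # Needs an elevated session because it writes under HKLM.
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    New-ItemProperty -Path $PolicyKey -Name $PolicyValue -Value 0 `
        -PropertyType DWord -Force | Out-Null
}

$state = Get-CortanaLockScreenState
$state | Format-List
if (-not $state.BlockedOnLockScreen) {
    Write-Warning 'Cortana may still respond on the lock screen.'
    # Disable-CortanaAboveLock   # uncomment to enforce machine-wide
}
```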