Microsoft · Cortana · CVE-2018-8253
**Name of the Vulnerable Software and Affected Versions**
Windows Server 2016
Windows 10
**Description**
The issue is related to an elevation of privilege vulnerability in Microsoft Cortana, which allows arbitrary website browsing on the lockscreen. This is due to insufficient access restrictions in the virtual voice assistant Cortana in Windows operating systems. The exploitation of this issue may allow an attacker to elevate their privileges.
**Recommendations**
For Windows Server 2016 and Windows 10, at the moment, there is no information about a newer version that contains a fix for this vulnerability.