Technology

#Researchers Managed to Bypass Windows Hello with One Piece of Hardware – Review Geek

“#Researchers Managed to Bypass Windows Hello with One Piece of Hardware – Review Geek”

Windows Hello with a sad face.
Microsoft

Security researchers at CyberArk managed to bypass Windows Hello facial recognition using a fake webcam that pumps IR data into a PC. The process behind this exploit is relatively simple, though it isn’t a serious concern for the average person, as it requires James Bond-like tactics to pull off.

Windows Hello verifies users using an IR snapshot to see a 3D map of their face, which is why you can’t fool the authentication system with a printed photo. But you can still feed the Windows Hello authentication system “valid” images from a USB device, so long as it pretends to be a camera with IR and RGB sensors.

The CyberArk team found that Windows Hello requires a single IR and RGB image to verify a user. So, they loaded their USB device with a valid IR reading of a Windows user’s face, plus an RGB image of Spongebob. The USB device, plugged into a locked PC, successfully broke through Windows Hello.

Evidently, Windows Hello does not verify that IR images are from a live feed, and it does not check the contents of whatever RGB image it’s handed (CyberArk says that RGB requirement probably exists to prevent spoofing). A more thorough system would probably slow the Windows Hello sign-in process, which may defeat the purpose for some users.

The team at CyberArk says that hackers have probably never used this exploit, which makes sense. In order to pull this off, a hacker needs physical access to a PC that’s running Windows Hello, plus a near-IR image of its user. So on top of stealing a laptop or sneaking into a building, the hacker would need to take IR photos of you at a relatively short distance.

None of this is impossible, and it may be relatively easy if you’re a hacker with a serious work ethic, an agent on government payroll, or a disgruntled employee trying to screw over your employer. But there are still a lot of small hurdles here. Offices that are serious about security tend to hide desktop USB ports behind cages to prevent in-person attacks, for example, and you may have trouble accessing sensitive on a secured computer or network even if you bypass a lock screen.

Microsoft has identified this exploit and says a patch was released on July 13th (though it may take a while for businesses to actually install the patch). The company also points out that businesses using Windows Hello Enhanced Sign-in Security are protected against any hardware that isn’t pre-approved by their system admins—of course, if the hardware devices used by a business are insecure, Enhanced Sign-in Security could be compromised.

CyberArk says that it will present all of its Windows Hello findings at Black Hat 2021, which runs August 4th and 5th.

Source: CyberArk via Windows Central

If you liked the article, do not forget to share it with your friends. Follow us on Google News too, click on the star and choose us from your favorites.

For forums sites go to Forum.BuradaBiliyorum.Com

If you want to read more like this article, you can visit our Technology category.

Source

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close

Please allow ads on our site

Please consider supporting us by disabling your ad blocker!