Fool Windows Hello with a fake camera
CyberArk security researchers have found a way to fool the Windows Hello facial recognition system on Windows. They found that Windows Hello's authentication system only focused on processing the image data collected by the infrared sensor.
CyberArk experimented by creating a custom USB camera. They then loaded the infrared image of the user and the RGB image of the Spongebob cartoon character into a data stream that passed from the USB camera to the Windows Hello authentication system.
The system accepts this custom USB camera and even unlocks Windows computers based on infrared images alone, ignoring irrelevant RGB images. The researchers even found that Windows Hello's authentication system only needed an IR frame and a black image to accept the unlock.
To exploit this vulnerability, the hacker must have at hand an infrared image of the user's face. This is a difficult thing but not impossible. Hackers can break into surveillance camera systems that are installed everywhere to get images of the person they want to attack.
Obviously this is a weak point in Microsoft's security system. Software giants need to make sure their authentication technology is secure as users increasingly rely on biometric security instead of passwords.
Microsoft has admitted this is a vulnerability in the Windows Hello security feature. This vulnerability is assigned the code CVE-2021-34466 and is being researched by Microsoft to find a fix. In the meantime, Microsoft recommends users to use Windows Hello Enhanced Sign-in Security to ensure safety.
However, CyberArk cautions users that not all devices support Windows Hello Enhanced Sign-in Security.
You should read it
- Signs show clearly that your system is being hacked
- The UN acknowledges that cyberattacks are extremely sophisticated and cannot identify the culprit
- 12 signs that your computer is hacked
- Just one page access, Windows PC can also be hacked
- NoxPlayer emulator was hacked and malicious code inserted
- 5 signs that your family's surveillance camera has been hacked
- You can hack Mazda cars with USB Flash Drive
- How to know if Facebook, Instagram, Google and other social networks have been hacked
- How to turn on anti-malware protection on Windows
- Computers that are not connected to the internet can still be hacked
- 6 clear signs that your phone is hacked
- Security features coming to Windows 11
Maybe you are interested
How to Enable and Disable Tabs in File Explorer on Windows 11
5 macOS Sequoia Features Not Available on Windows 11
Why does Windows operating system have such a bad reputation?
Quickly fix Unmountable Boot Volume error on Windows 10/11
15 safe software and application download websites for Windows
How to Fix Clipboard History Error in Windows 11 Latest Update