With Windows Hello, Microsoft aimed to provide a simple, secure way to authenticate while also addressing the challenge of being compatible with webcams from a variety of brands. According to the latest reports, there is a vulnerability in the system, which was discovered by researchers from CyberArk, a computer security company. They managed to trick the Hello facial recognition system using facial images of the computer owner.
Windows Hello requires a visible / infrared camera, but examining how the system works has led researchers to conclude that only infrared footage is actually processed. To test their conclusion, the researchers created a special USB device into which they loaded infrared photographs of the user and images of SpongeBob in RGB format. The system recognized the device as a USB camera and unlocked. Moreover, one image taken in the infrared range and a completely black frame turned out to be enough.
Of course, in reality it would not be so easy to hack someone’s computer using this technique, since the attacker needs an IR photograph of the user. And although you can still get it if necessary, it doesn’t matter now, provided that updates are timely installed: on July 13, Microsoft released a patch for Windows 10 that eliminates the described vulnerability.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
