Microsoft issues advice after hackers bypass Windows Hello security

Security researchers have shown that it is possible to bypass the biometric security of Windows Hello. Using a fake web, the CyberArk Labs research team was able to fool the facial recognition component of Windows Hello to send infrared images. Windows Hello requires a camera with RGB and IR sensors, but the security tool actually only uses IR imagery. Using a custom USB device, hackers can manipulate the stream of data that is sent, injecting IR imagery of an authorized user. See also: Microsoft is shipping Windows 11 in dark mode by default China accused of large-scale Microsoft Exchange Server… [Continue Reading]