Skip to main content

Researchers disclose vulnerability in Windows Hello facial recognition

Researchers at the security firm CyberArk Labs have discovered a vulnerability in Microsoft’s Windows Hello facial recognition system in Windows 10 and Windows 11. Calling it a “design flaw,” the researchers say that hackers can get around Windows Hello by using a certain type of hardware to eventually gain access to your PC.

Though it isn’t exactly something that is easily accomplished (and Microsoft says it has mitigated the vulnerability), there’s a very specific set of conditions that can lead to the bypassing. In all cases, hackers would need to capture an IR image of the victim’s face, have physical access to the victim’s PC, and also use a custom USB device that can impersonate a camera. CyberArk Labs describe the six-part process on its website, with a video showing the proof-of-concept.

A six step diagram showing the vulnerability in Windows Hello.
Image used with permission by copyright holder

Per the firm, this is all possible because Windows Hello will only process IR camera frames when trying to authenticate a user. “One would need to implement a USB camera that supports RGB and IR cameras. This USB device then only needs to send genuine IR frames of the victim to bypass the login phase, while the RGB frames can contain anything,” said CyberArk’s Omer Tsarfati.

There currently is no evidence that this vulnerability has been actively used, but CyberArk Labs warns that someone with the right skills can use this to target journalists and others with sensitive content on their devices. It is also important to note that the research was done on Windows Hello for Business and not the consumer version of Windows Hello. There is still, though, the chance that this vulnerability could apply to other security systems where a third-party USB camera is used as a biometric sensor.

CyberArk labs submitted this vulnerability to Microsoft back on March 23, 2021. Microsoft acknowledged this issue a day later. Microsoft has since assigned a CVE for the issue, sharing mitigation via a security update on July 13.

According to Microsoft, this patch mitigated the issue and Windows Hello Enhanced Sign-in Security can protect against such attacks. CyberArk, though, points out that the mitigation depends on having devices with specific cameras, and the “inherent to system design, implicit trust of input from peripheral devices remains.” An investigation is still ongoing.

Editors' Recommendations

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Windows 11 adoption is slowing, and we finally know why
Surface Laptop Studio 2 sitting on a table.

In the consumer space, Windows 11 adoption has been ticking along at a reasonable pace. For businesses, however, the OS may have reached its limit, as businesses struggle to upgrade machines to meet the minimum requirements.

IT asset management group Lansweeper has observed that the adoption of Windows 11 now stands at 8.35% as of October 2023, a slight jump from the 5.74% seen in September 2022. However, having conducted research on approximately 33 million Windows devices in the enterprise sector, Lansweeper has concluded that it is largely device incompatibility that is stalling Windows 11 updates on a grand scale.

Read more
If you have an AMD GPU, stay away from the latest Windows Update
Two AMD Radeon RX 7000 graphics cards on a pink surface.

A quick PSA: If you own one of AMD's best graphics cards and you like to tweak the settings, now is not a good time to download the latest Windows Update. According to users on the AMD forums, the KB5030310 update really doesn't agree with AMD's Adrenalin Control Panel. While it's not the end of the world, this isn't the first Windows update in the last few months that has caused problems.

It appears that every time people restart their PCs, their Adrenalin settings are all reset back to default. This means that any changes made to things like AMD's Anti-Lag or Hyper RX will disappear upon every boot. Fortunately, the graphics driver itself is unaffected.

Read more
The best Windows apps for 2023
dell xps 13 2018 review version 1541544414 screen hero2

There are plenty of apps available in the Microsoft Store, but the best Windows apps can remain elusive. Calendar apps are a popular choice for those looking to improve productivity, and there are plenty of free apps you can choose from if you don't want to pay for the privilege.

To help you choose, we’ve put together a list of the best Windows 10 and Windows 11 apps for every user to try out, whether you want better productivity or just seek to be entertained.
Best Windows apps for productivity

Read more