Researchers disclose vulnerability in Windows Hello facial recognition

Researchers at the security firm CyberArk Labs have discovered a vulnerability in Microsoft’s Windows Hello facial recognition system in Windows 10 and Windows 11. Calling it a “design flaw,” the researchers say that hackers can get around Windows Hello by using a certain type of hardware to eventually gain access to your PC.

The bypass is not easily accomplished (and Microsoft says it has mitigated the vulnerability), and it requires a very specific set of conditions. In all cases, hackers would need to capture an IR image of the victim’s face, have physical access to the victim’s PC, and also use a custom USB device that can impersonate a camera. CyberArk Labs describes the six-part process on its website, with a video showing the proof of concept.

A six step diagram showing the vulnerability in Windows Hello.

Per the firm, this is all possible because Windows Hello will only process IR camera frames when trying to authenticate a user. “One would need to implement a USB camera that supports RGB and IR cameras. This USB device then only needs to send genuine IR frames of the victim to bypass the login phase, while the RGB frames can contain anything,” said CyberArk’s Omer Tsarfati.

There currently is no evidence that this vulnerability has been actively used, but CyberArk Labs warns that someone with the right skills can use this to target journalists and others with sensitive content on their devices. It is also important to note that the research was done on Windows Hello for Business and not the consumer version of Windows Hello. There is still, though, the chance that this vulnerability could apply to other security systems where a third-party USB camera is used as a biometric sensor.

CyberArk Labs submitted this vulnerability to Microsoft on March 23, 2021. Microsoft acknowledged the issue a day later. Microsoft has since assigned a CVE for the issue and shared a mitigation via a security update on July 13.

According to Microsoft, this patch mitigated the issue and Windows Hello Enhanced Sign-in Security can protect against such attacks. CyberArk, though, points out that the mitigation depends on having devices with specific cameras, and the “inherent to system design, implicit trust of input from peripheral devices remains.” An investigation is still ongoing.

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…