HomeWinBuzzer NewsWindows Hello Can be Fooled by Fake Camera Images

Windows Hello Can be Fooled by Fake Camera Images

Hackers can use fake infra-red camera images to bypass Windows Hello authentication, with just two frames needed.

-

Windows Hello is a security feature built into Windows 10 that provides numerous authentication solutions. The idea is to remove the reliance on passwords – something Microsoft is big on at the moment – through more robust security measures. However, not even Windows Hello is infallible in the world of consistent cyber threats.

And hackers have proved just that by bypassing Windows Hello security through a fake USB camera. Specifically, threat actors took infra-red images of targets and transmitted them through Windows Hello. Microsoft’s security accepted the images as authentication.

At the core of this problem is Windows Hello seemingly accepts just about any Infra red camera as a compatible camera. This means a hacker can manipulate the data and trick Hello by capturing the target PC in an IR image.

Method

Worse is it is relatively easy to do, with just two frames of the PC – a blank frame and IR capture frame – to bypass the service. The method was disclosed by CyberArk, which points out capturing the IR image from a PC is the only obstacle an attacker would need to overcome. This could be achieved by a long-range IR camera or hiding cameras close to a machine.

Still, it is worth pointing out the attacker would need some kind of environmental access to the system they want to attack.

Microsoft has confirmed the vulnerability and assigned it in  advisory CVE-2021-34466. The company says using Windows Hello Enhanced Sign-in Security is a workaround for the problem. However, this means only Windows Hello cameras on the cryptographic chain of trust from OEMs can be used. As you might expect, that is not all Windows Hello cameras.

Tip of the day: If your PC keeps connecting to the wrong WiFi network, you can set WiFi priority to avoid the need to manually select access points over and over again.Attack-Path-Windows-Hello-Bypass-CyberArk

SourceCyberArk
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x
Mastodon