Microsoft introduced a new security feature called Windows Hello with Windows 10, which is its face scanning and authenticating feature. However, similar to the fate of iPhone X s Face ID, the Windows 10 s facial recognition feature has been hacked and fooled. Also Read - Windows 11 could be a free upgrade for you provided you fall in this categoryAlso Read - Nintendo Direct E3 2021: Metroid Dread, Mario Party Superstars, a new Legend of Zelda and more
A report from ZDNet reveals that security researchers from German firm SYSS have managed to defeat Windows Hello. This was done on Windows 10 machines running older versions of the operating system. Multiple versions of Windows 10 are affected, and a number of different hardware. Also Read - Windows 11 leaked online: Centralised start menu, revamped UI, new widgets, here's what to expect
The researchers tested Microsoft s Surface Pro 4 device running last year s Windows 10 Anniversary Update, and found it was vulnerable. Even Microsoft s anti-spoofing feature of Windows Hello didn t help protect systems running older versions of Windows 10.
Reportedly, SYSS found that if the anti-spoofing feature is disabled on the Creators Update or Fall Creators Update then you can still bypass Windows Hello. Many modern laptops do not support the anti-spoofing feature of Windows Hello, which means some devices are still vulnerable even with the latest Windows updates.
To combat the vulnerability, security researchers are recommending that Windows 10 users with Windows Hello enabled go back into settings and set up the facial recognition again, and also ensure that anti-spoofing is enabled if a device supports it.
As revealed, an attack of this nature, requires a printed picture of the authenticated user with an infrared camera, so it s not exactly easy to complete successfully.