A company called Blackwing Intelligence who is a cybersecurity firm was asked by Microsoft to look into the security of Windows Hello fingerprint authentication. That’s a ballsy move by Microsoft to see how secure their products are. The report from Blackwing on this doesn’t exactly paint Windows Hello fingerprint authentication in the best light after testing three laptops:
Microsoft’s Offensive Research and Security Engineering (MORSE) asked us to evaluate the security of the top three fingerprint sensors embedded in laptops and used for Windows Hello fingerprint authentication. Our research revealed multiple vulnerabilities that our team successfully exploited, allowing us to completely bypass Windows Hello authentication on all three laptops.
Well that’s not good. The issues vary between the laptops in question which were:
- Dell Inspiron 15
- Lenovo ThinkPad T14
- Microsoft Surface Pro Type Cover with Fingerprint ID (for Surface Pro 8 / X)
If you have one of these laptops, it is worth your time to read the full report before you panic so that you can understand what the issues are. But to be frank, this has to raise questions about how secure Windows Hello fingerprint authentication is for users who rely on this form of authentication.
Like this:
Like Loading...
Related
This entry was posted on November 22, 2023 at 1:16 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Flaws Uncovered in Windows Hello Fingerprint Authentication
A company called Blackwing Intelligence who is a cybersecurity firm was asked by Microsoft to look into the security of Windows Hello fingerprint authentication. That’s a ballsy move by Microsoft to see how secure their products are. The report from Blackwing on this doesn’t exactly paint Windows Hello fingerprint authentication in the best light after testing three laptops:
Microsoft’s Offensive Research and Security Engineering (MORSE) asked us to evaluate the security of the top three fingerprint sensors embedded in laptops and used for Windows Hello fingerprint authentication. Our research revealed multiple vulnerabilities that our team successfully exploited, allowing us to completely bypass Windows Hello authentication on all three laptops.
Well that’s not good. The issues vary between the laptops in question which were:
If you have one of these laptops, it is worth your time to read the full report before you panic so that you can understand what the issues are. But to be frank, this has to raise questions about how secure Windows Hello fingerprint authentication is for users who rely on this form of authentication.
Share this:
Like this:
Related
This entry was posted on November 22, 2023 at 1:16 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.