Microsoft pushed Windows Hello authentication using a pin in biometrics or windows. In fact, it can be quite difficult to install windows without setting at least one pin for Windows Hello authentication. Microsoft claims that Windows Hello provides better protection than traditional passwords that users use to sign in.
However, Windows Hello is not without its own flaws. In 2023, security researchers succeeded in bypassing Windows Hello fingerprint certification. A year ago, a bug was upgraded to the system of Windows Hello Sign in in the then most chambari version of Windows, version 22h2.
Two security researchers demonstrated another defect in Windows Hello at the Black Hat Conference in Las Vegas According to the registerDr. of ERNW Research Baptist David and Tilman Osold showed how a hacker Windows Hello could crack authentication.
Research-Team displayed how a hacker can inject biometric data into PCs to unlock the system. They found a defect in the cryptprotectdata database, which protects the authentication information. The defect requires some other forms of advanced access to administrative access or system through a malware infection.
How to protect your system against attack
Researchers noted that Windows PC users have two options to protect their equipment against this specific attack.
- Windows Hello enhanced sign-in security (ess): If ESS is enabled, hack is not possible. It is active by default, provided that PC meets all requirements.
- Pin instead of biometricsAccording to the researchers, switching on a pin is another option, rather than using biometrics.
Protects the face algorithm using increased sign-in security VBS. This distinguishes it from the rest of the windows. System Requirements Include all the requirements for dirt-based-based security, TPM 2.0, safe devices ACPI tables with device firmware and biometric sensor hardware and drivers who are compatible with ESS.
All systems do not support ESS as results. Researchers told the register that they bought a thinkpad less than two years ago and did not support the ESS, as “they do not have a safe sensor for the camera because they use AMD chips and not Intel”.
It is becoming difficult to fix this issue according to the researchers. This will require a “important code rewriting” or other changes, such as using TPM to store biometric data.
Now you: How do you sign in in your Windows system? Do you use a password or Windows Hello? Feel free to leave a comment below.
Thanks for reading..
