Two German researchers demonstrated at Black Hat that an attacker with local administrative access can inject a malicious biometric template into Windows Hello for Business and sign in as another user with nothing more than their own face — a practical, low-noise bypass that undermines one of...
admin privileges
biometric templates
biometrics security
credential theft
device authentication
edr monitoring
enhanced sign-in security
enterprise security
ess
faceplant
local admin rights
passwordless security
security architecture
security by design
tpm
virtualization security
wbs
windows biometric service
windows hello for business
A new wave of skepticism is sweeping through the IT security world following revelations by renowned German researchers who have cast serious doubt on the safety of Windows Hello for business use. The much-touted biometric authentication system, a showcase feature in both Windows 10 and Windows...
Hackers showed at Black Hat that Windows Hello for Business can be fooled into accepting an attacker’s face by swapping biometric templates on a compromised PC—an attack that works stunningly fast if the intruder already has local admin privileges. In a live demo, German researchers Tillmann...
If you've been keeping an eye on how security technology evolves in Windows 11—and let's face it, who isn't if you're living the tech life?—then you'll be pleased to hear about Microsoft's Enhanced Sign-in Security (ESS). Introduced to bolster security around biometrics and user authentication...
As the digital world continues to evolve, security becomes a paramount concern for users, especially those operating within the Microsoft ecosystem. In the latest update, Windows 11 introduces Enhanced Sign-in Security (ESS), a feature aimed at fortifying the sign-in process for its users. This...