Two German researchers demonstrated at Black Hat that an attacker with local administrative access can inject a malicious biometric template into Windows Hello for Business and sign in as another user with nothing more than their own face — a practical, low-noise bypass that undermines one of...
admin rights
biometrics
credential theft
device authentication
edr detection
enterprise security
ess
faceplant
passwordless authentication
secure by design
secure sign-in
security architecture
tpm
virtualization
wbs
windows biometric service
windows hello for business
