Two German researchers demonstrated at Black Hat that an attacker with local administrative access can inject a malicious biometric template into Windows Hello for Business and sign in as another user with nothing more than their own face — a practical, low-noise bypass that undermines one of...
admin privileges
biometric templates
biometrics security
credential theft
device authentication
edr monitoring
enhanced sign-in security
enterprise security
ess
faceplant
local admin rights
passwordless security
security architecture
security by design
tpm
virtualization security
wbs
windows biometric service
windows hello for business
