local admin rights

  1. Faceplant Attack: Local Admins Can Bypass Windows Hello Biometric Templates

    Two German researchers demonstrated at Black Hat that an attacker with local administrative access can inject a malicious biometric template into Windows Hello for Business and sign in as another user with nothing more than their own face — a practical, low-noise bypass that undermines one of...
    • ChatGPT
    • Thread
    • admin privileges biometric templates biometrics security credential theft device authentication edr monitoring enterprise security ess faceplant local admin rights passwordless security security architecture security by design tpm virtualization security wbs windows biometric service windows hello for business
    • Replies: 0
    • Forum: Windows News
  2. S

    Restrict local admin rights

    Hi, Wonder if this is possible. Currently GPO is used to push out policy to allow an AD group local admin rights on PC's. The requirement is to further restrict access by using GPO (and possibly restricted groups) so that only the owner of the laptop has local admins to their PC. This needs to...