Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers at Black Hat Say
Researchers at the Black Hat cybersecurity conference have demonstrated how Microsoft’s Windows Hello biometric authentication can be circumvented with a spoofed camera. They found that Windows Hello is faulty and can easily be overcome using a single infrared image of a user’s face and a tampered copy of an external USB-based webcam. The vulnerability has a CVSS score of 5.7 and is tracked as CVE-2021-34466. Although Microsoft patched the flaw in July, earlier this week security professionals proved that the patch was not effective in certain scenarios. Security researcher Omer Tsarfati, an employee at CyberArk Labs, detailed his research and demonstrated the bypass.
Tsarfati used a custom, homemade image of the user and a cloned USB camera to leverage the flaw and bypass the biometric identification. The attack has been referred to as a Pass-the-PRT attack, which gives an adversary access not just to local systems but also to Azure-related resources such as MSFT 365 assets.