CyberNews Briefs

Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers at Black Hat Say

Researchers at the cybersecurity conference Black Hat have demonstrated how it is possible to circumvent Microsoft’s Windows Hello biometric authentication through utilizing a spoofed camera. Researchers found that Windows Hello is faulty and can easily be overcome with a single infrared image of a user’s face on a tampered copy of an external USB-based webcam. The vulnerability has a CVSS score of 5.7 and is tracked as CVE-2021-34466. Although the flaw was patched by Microsoft in July, earlier this week security professionals proved that the patch was not effective in certain scenarios. Security researcher Omer Tsarfati, an employee at CyberArk Labs, detailed his research and demonstrated the bypass.

Tsarfati used a custom, homemade image of the user and cloned USB camera to leverage the flaw and bypass the biometric identification. The attack has been referred to as a Pass-the-PRT attack, which is an attack that gives an adversary access to not just local systems, but Azure-related resources such as the MSFT 365 assets.

Read More: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers at Black Hat Say

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.