Windows Hello: Face recognition could be tricked with infrared images

Windows Hello's facial recognition could be tricked under specific circumstances. This was shown by security researchers from CyberArk. Microsoft has now fixed this problem. The security gap was due to the handling of webcams and infrared images connected via USB.

It was discovered that infrared images were not processed with the same level of security as images from RGB cameras. It was therefore possible to connect a device via USB that imitated a webcam and simply fed in a previously made infrared image of the Windows Hello user. Normally, using a static photo like this would not go through with Windows Hello, but it worked in this scenario.

As you can already see, the attacker needs physical access to the respective computer. He must also have an infrared image of the user. Microsoft has now closed this loophole, which has been recorded as CVE-2021-3466. So attacks are no longer possible over it. A video shows the procedure once. You can read more about the technical details here.

#
preview
product
price

1

Intel i7 4770 8-thread business office multimedia computer with 3 year warranty! | i7 4770 3.9 GHz ...

Intel i7 4770 8-thread business office multimedia computer with 3 year warranty! | i7 4770 3.9 …

399.90 EUR

View on Amazon

2

Intel i5 10400F 12-thread business office multimedia computer with 3 year warranty! | i5 10400F ...

Intel i5 10400F 12-thread business office multimedia computer with 3 year warranty! | i5 10400F …

499.90 EUR

View on Amazon

3

Silent PC SSD computer Intel Core i5® 4570, 4 cores, 3.6 GHz - with 3 years guarantee! | 16GB | ...

Silent PC SSD computer Intel Core i5® 4570, 4 cores, 3.6 GHz – with 3 years guarantee! | 16GB | …

349.00 EUR

View on Amazon

Amazon links are included in this article. Clicking on it will take you directly to the provider. Should you decide to buy there, we will receive a small commission. Nothing changes in the price for you.

Source link

We will be happy to hear your thoughts

Leave a reply