A hidden fault in laptops and Windows desktop allows an unauthorized connection (identity flight)

A new ERNW report. Moreover, a German safety company, has vulnerability in Windows Hello for Business, the Microsoft password authentication system. Nevertheless, Research. In addition, which is part of a project funded by the German Federal Office for Information Security (BSI), shows how attackers with prior access to a device can use the system design to commit a form of identity theft.

This attack. Furthermore, called “The Face Swap”, takes advantage of how Windows Hello processes biometric data – instead of using a user’s biometric data for direct authentication, the system uses them to unlock a cryptographic key stored on the system. ERNW researchers have discovered that an attacker with administrative privileges can access the database that connects a user’s identity to their stored biometric model. handle it.

In a demonstration attack, the researchers managed to intervene the identifiers hidden fault laptops windows desktop of two registered users. The exchange completely deceived the system. An attacker could sit in front of the computer camera, and Windows Hello would use his face to give him access to the victim’s account, including all the resources, files and data from the company’s network.

In simple terms. on any Windows computer (with Windows Hello) with several user profiles, this security flaw allows anyone with an administrative account to usurp the identity of other system users.

The Rocare declares that it has communicated its conclusions to Microsoft. but suspects that a fundamental correction is unlikely because it would require a overhaul of the system’s architecture. In another incident. the Rocare reported a critical flaw in Linux systems that allowed attackers to have full access to these systems to these systems about two weeks ago.