Careful! Detected a vulnerability in Windows 10 facial recognition

0

Windows 10: There are many ways now to keep your electronic devices safe from unwanted hands. Passwords are still in the limelight, but more and more users are adopting biometric measures to improve security. But whatever the method of use they are not exempt from being a target for hackers. And is that if you are a Windows Hello user, you may have to make changes to enter your PC.

This is the bug that take advantage of Windows Hello

All precautions are little when it comes to protecting the data on your computer. There are many sessions that you will have open on your machine, plus all the information that you will have inside and that may be of value. That is why it is good to put measures such as passwords or your fingerprint, but it is that on your computer you can even use facial recognition if you use Windows 10.

We have mentioned this function to you on occasion and it has the name of Windows Hello. With it, you can log into your machine with a selfie, but CyberArk Labs researchers have found a flaw that could give a hacker access to your computer. The process consists of capturing real images of the user and sending them to later launch the attack and access the data with ease.

For this, according to the media, “it would be necessary to implement a USB camera that supports RGB and infrared (IR) cameras. This USB stick only needs to send genuine IR frames from the victim to bypass the login phase, while RGB frames can contain anything. ” Therefore, yes or yes, the attacker must be close to the terminal that attacks him and connect an external storage device to which to send the information that unlocks the device.

Windows says it’s fixed

The real danger of Windows Hello being compromised is relative. On the one hand, we have the data that 85 percent of users of the Redmond operating system have this function activated. On the other hand, the attacker must be near the device and interact with it, which means that he cannot enter your machine via the Internet unless he first enters your computer with this method and installs a malicious program. In addition, it must be added that Microsoft has confirmed that this problem has already been solved, so users can breathe easy at least for now.

LEAVE A REPLY

Please enter your comment!
Please enter your name here