Windows Hello Hack: Your Work PC Can be Unlocked Even Without You Around

The Windows Hello hack was demonstrated by cyber security researcher, Omer Tsarfati of CyberArk, who demonstrated a working proof as well.

Windows Hello

Windows Hello is definitely convenient, adding a biometric unlocking layer that does not require you to type in a password to login to your own PC. However, it’s not just about convenience. According to Microsoft, the password-less login process of Windows Hello also helps keep you secure from common keylogger attacks that check your key strokes to scrape your password and then breach your PC. However, according to Omer Tsarfati of cyber security research firm CyberArk, even Windows Hello has a key loophole in its logic that may be exploited by anyone that has access to you PC.

The process goes something like this — you are a fairly important person at your workplace, which in turn is an important company with lots of sensitive data. Under such circumstances, chances are that you would have a work Windows 10 PC that supports face login via Windows Hello, and your company has mandated you to use it in order to avoid keylogger cyber breaches. Given that it is also quite convenient to use, you make use of it every day to login to your PC.

If a malicious actor now decides to breach your PC, they can simply gather a photo of yours, render it as an infrared image, and feed it to a processor board. While Microsoft had previously claimed that the IR image created by a webcam live is different from post-processed, rendered IR images, the difference is clearly no longer telling. In any case, all that is now required to breach your PC is connecting this board to your Windows 10 PC, wait for it to recognise the board as a camera, and read the image signal sent from the board to your PC.

Through this signal, Windows 10 now recognises this IR image of yours as you, yourself. It therefore authenticates the person trying to login to your PC, and unlocks your computer to give access to sensitive data. The entire process requires extensive physical access to a person’s PC, but if you carry plenty of sensitive data with you on your laptop, there are more than a few imaginable ways in which you may be compromised in this process.

Microsoft has seemingly told CyberArk that the flaw has been patched in a July 13 Windows 10 update, which offers Enhanced Sign-in Security to verify add-on devices before unlocking the PC, but CyberArk states that the attack can still be done by bypassing the security steps that Microsoft has taken.

Thanks for reading till the end of this article. For more such informative and exclusive tech content, like our Facebook page