authentication-security-windows3.125 min read Researchers Discover Critical Vulnerabilities in Windows Hello Fingerprint Authentication
Researchers have discovered vulnerabilities in the fingerprint sensors of Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops, which could allow attackers to bypass Windows Hello authentication. The flaws were found in the fingerprint sensors from Goodix, Synaptics, and ELAN, all of which are "match on chip" (MoC) sensors. The vulnerabilities include sensor spoofing, cleartext transmission of security identifiers, and the lack of support for the Secure Device Connection Protocol (SDCP). To mitigate these attacks, it is recommended that OEMs enable SDCP and have the fingerprint sensor implementation audited by independent experts.
2 years ago•Source: The Hacker News
