Security researchers bypass Windows Hello with fake fingerprints with Raspberry Pi 4

Posted on Christian By Christian No Comments on Security researchers bypass Windows Hello with fake fingerprints with Raspberry Pi 4
Windows Hello with fake fingerprints

Security researchers discovered vulnerabilities in the fingerprint sensors of some Windows PCs. These could be exploited to bypass Windows Hello’s biometric fingerprint login. The affected sensors manufactured by Elan, Googix, and Synaptics, all use a match-on-chip (MoC) design where the biometric test occurs within a shielded microprocessor on the chip itself. In this article, we will discuss “Security researchers bypass Windows Hello with fake fingerprints with Raspberry Pi 4”. Please see All you need to know before deploying Windows Hello for Business Key and Certificate Trust.

During tests on laptops such as Dell Inspiron 15, Microsoft Surface Pro X, and Lenovo ThinkPad T14, researchers successfully exploited vulnerabilities using a Raspberry Pi 4 with Linux and man-in-the-middle tools.

Please see this YouTube video for more information.

They demonstrated how security researchers could bypass Windows Hello using fake fingerprints and were able to decrypt the TLS protocol of the Synaptics sensor and replay it with modifications.

Please see “Network cable Unplugged: Fix VMware “Warning – Multiple default gateways are intended to provide redundancy to a single network“. Also, see how to Harden your Veeam Backup Server with Microsoft AppLocker.

Unplug Sensors

In some cases, attackers could unplug the fingerprint sensors on Dell and Lenovo laptops and connect their manipulated sensors. 

The research raises questions about Microsoft's oversight, as SDCP protection wasn't checked for activation by the fingerprint sensor manufacturers.

The report doesn’t provide specific solutions for affected users but suggests that a BIOS password may provide some protection since Windows must be running for the described attacks.

Also, see Mitigating ‘PrintNightmare’ Vulnerability: Print Spooler Solutions, how Disable UAC with Group Policy and enable PIN in Windows Hello.

Recommendations by Security Experts to mitigate Windows Hello

Secure Device Connection Protocol (SDCP) protection mechanism has been implemented by Microsoft to prevent unauthorized access. This helps close the vulnerabilities that allowed security researchers to bypass Windows Hello with fake fingerprints.

The researchers recommend that fingerprint sensor manufacturers enable SDCP and undergo third-party security audits for their implementations.

It remains unclear whether the identified security issues can be entirely addressed through software updates.

I hope you found this post very useful. Kindly share your thoughts in the comment section below.

5/5 - (1 vote)
Security | Vulnerability Scans and Assessment Tags:, , , , ,

Related Posts

More Related Articles

Uninstall MicrosoftDefenderUpdate What you need to know about Microsoft Defender Antivirus Security | Vulnerability Scans and Assessment
Disable Open File Security Warnings on Windows How to Disable Open File Security Warnings on Windows Security | Vulnerability Scans and Assessment
Feature image When Should I Use TPM or TPM + PIN Security | Vulnerability Scans and Assessment
drivelock 1280x720 1 The server could not be reached or validated: Timeout expired. The Time out expired prior to obtaining a connection from the pool Security | Vulnerability Scans and Assessment
How to stay protected on Windows 10 and11 device with Windows Security Stay protected on Windows device with Windows Security Security | Vulnerability Scans and Assessment
ext How to install Standalone Installation DriveLock Encryption software Security | Vulnerability Scans and Assessment

Leave a Reply