cua cà mau cua tươi sống cua cà mau bao nhiêu 1kg giá cua hôm nay giá cua cà mau hôm nay cua thịt cà mau cua biển cua biển cà mau cách luộc cua cà mau cua gạch cua gạch cà mau vựa cua cà mau lẩu cua cà mau giá cua thịt cà mau hôm nay giá cua gạch cà mau giá cua gạch cách hấp cua cà mau cua cốm cà mau cua hấp mua cua cà mau cua ca mau ban cua ca mau cua cà mau giá rẻ cua biển tươi cuaganic cua cua thịt cà mau cua gạch cà mau cua cà mau gần đây hải sản cà mau cua gạch son cua đầy gạch giá rẻ các loại cua ở việt nam các loại cua biển ở việt nam cua ngon cua giá rẻ cua gia re crab farming crab farming cua cà mau cua cà mau cua tươi sống cua tươi sống cua cà mau bao nhiêu 1kg giá cua hôm nay giá cua cà mau hôm nay cua thịt cà mau cua biển cua biển cà mau cách luộc cua cà mau cua gạch cua gạch cà mau vựa cua cà mau lẩu cua cà mau giá cua thịt cà mau hôm nay giá cua gạch cà mau giá cua gạch cách hấp cua cà mau cua cốm cà mau cua hấp mua cua cà mau cua ca mau ban cua ca mau cua cà mau giá rẻ cua biển tươi cuaganic cua cua thịt cà mau cua gạch cà mau cua cà mau gần đây hải sản cà mau cua gạch son cua đầy gạch giá rẻ các loại cua ở việt nam các loại cua biển ở việt nam cua ngon cua giá rẻ cua gia re crab farming crab farming cua cà mau
Skip to main content

Windows may have a serious security problem on its hands

A finger pressing on a fingerprint reader on a laptop.
Digital Trends

The premier sensors enabling Windows Hello fingerprint authentication are not as secure as manufacturers had hoped. Researchers have discovered security flaws in a number of fingerprint sensors used in several laptops that work with the Windows Hello authentication feature.

Security researchers at Blackwing Intelligence have uncovered that laptops made by Dell, Lenovo, and Microsoft can have their Windows Hello fingerprint authentication bypassed easily due to vulnerabilities in the sensors that can cause them to be taken over by bad actors at the system level.

Recommended Videos

Many of the laptop brands use fingerprint sensors from Goodix, Synaptics, and ELAN. These vulnerabilities are beginning to arise as businesses transition to biometrics as a primary option for accessing devices. As time goes on, password use will continue to diminish. Three years ago, Microsoft claimed that 85% of its users were opting for a Windows Hello sign-in on Windows 10 devices over a password, according to The Verge.

On request from Microsoft’s Offensive Research and Security Engineering (MORSE), researchers shared details of various attacks that have plagued fingerprint authentication-enabled laptops at the brand’s BlueHat conference in October.

One such attack is a man-in-the-middle (MitM) attack, which can be used to access a stolen laptop. Another method is an “evil maid” attack, which can be used on an unattended device.

Blackwing Intelligence researchers tested a Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X, which all fell victim to various bypass methods as long as someone had previously used their fingerprint to access the devices. The researchers noted that the bypassing entailed reverse engineering of the hardware and software on the laptops. They found flaws in the security layer of the Synaptics sensor, in particular. Windows Hello needed to be decoded and restructured to get past its setup, but it was still able to be hacked.

Researchers noted that Microsoft’s Secure Device Connection Protocol (SDCP) is a solid attempt at applying a security measure within the biometric standard. It allows for more secure communication between the biometric sensor and its laptop. However, not all manufacturers implemented the feature well enough for it to be effective, if they enabled it at all. Two out of the three laptops examined in the study had SDCP enabled.

Having more secure biometric laptops won’t only be a task for Microsoft. An initial remedy for securing Windows Hello-enabled laptops is also to have SDCP enabled on the manufacturer’s side, Blackwing Intelligence noted.

This study follows a 2021 facial recognition biometrics flaw in Windows Hello that allowed users to bypass the feature with certain alterations. Microsoft was forced to update its feature after researchers presented a proof of concept showcasing users with masks or plastic surgery bypassing Windows Hello facial recognition authentication.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
There’s a scary new way to undo Windows security patches
Windows 11 logo on a laptop.

Security patches for Windows are essential for keeping your PC safe from developing threats. But downgrade attacks are a way of sidestepping Microsoft's patches, and a security researcher set out to show just how fatal these can be.

SafeBreach security researcher Alon Leviev mentioned in a company blog post that they'd created something called the Windows Downdate tool as a proof-of concept. The tool crafts persistent and irreversible downgrades on Windows Server systems and Windows 10 and 11 components.

Read more
Meta may have canceled its high-end Apple Vision Pro competitor
The Meta Quest 3 and Quest Pro appear side-by-side.

According to a report from The Information citing two Meta employees, Meta has canceled its plans for a premium mixed-reality headset. It seems the company told Reality Lab employees to halt work on the product this week after executives, including CEO Mark Zuckerberg, reviewed the project.

It's uncertain whether the device was destined to be a sequel to the Meta Quest Pro or a completely new product, but it's clear that developing a competitor for the Apple Vision Pro was the purpose of the project.

Read more
It’s time to say goodbye to the Windows Control Panel
windows 10 control panel

The newer Windows Settings app has been slowly stealing features from the legacy Control Panel for years, and now Microsoft has finally said the obvious out loud -- "the Control Panel is in the process of being deprecated in favor of the Settings app."

First spotted by Neowin, a new Microsoft support page has appeared covering the various system configuration tools in Windows 10 and 11. Not only does this page refer to Settings as "the main application to customize and manage Windows settings," but it also explicitly states that the Control Panel is being deprecated. It doesn't mention any kind of date or timeline, however, which likely means the Control Panel's death will continue to be as slow as it has been up to now.

Read more