A recent study by Blackwing Intelligence revealed serious vulnerabilities in the fingerprint scanners used for Windows Hello authentication. These vulnerabilities can be used by attackers to bypass security systems and gain unauthorized access to laptops from major manufacturers such as Dell, Lenovo and Microsoft.
According to The Verge, a team of researchers analyzed three widely used fingerprint sensors from Goodix, Synaptics and ELAN. These devices are integrated into laptops and are used for biometric authentication using Windows Hello. The attackers used a special USB device to spoof biometric data, which led to the successful hacking of the security of Dell Inspiron 15, Lenovo ThinkPad T14 and Microsoft Surface Pro X laptops.
Windows Hello is positioned by Microsoft as a highly effective and convenient authentication system that offers an alternative to traditional passwords. However, Blackwing Intelligence research revealed the following problems:
The researchers warn that fixing these vulnerabilities will require a joint effort on the part of Microsoft and hardware manufacturers. In the meantime, users are advised to take precautions such as using additional security tools and regularly updating software.