July 23, 2024 at 03:52PM Microsoft’s Windows Hello for Business (WHfB) authentication, previously believed to be resistant to phishing, was found vulnerable to downgrade attacks. Security researcher Yehuda Smirnov discovered the flaw, leading to a fix by Microsoft. The company introduced a new Conditional Access policy to enforce phishing-resistant authentication, safeguarding against downgraded methods. From … Read more
June 14, 2024 at 01:06AM Microsoft has delayed the rollout of the AI-powered Recall feature for Copilot+ PCs, shifting to use the Windows Insider community to ensure quality and security. Originally set for a broad release on June 18, it faced controversy over privacy and security concerns. The move underscores the careful balance needed for … Read more
June 10, 2024 at 06:13PM Microsoft introduced the “Recall” AI feature for Copilot+ PCs, prompting concerns about potential data theft. In response, Microsoft added new security measures: Recall will now be turned off by default, users need Windows Hello enrollment, and Recall data will be encrypted. However, experts doubt these changes will fully safeguard sensitive … Read more
June 7, 2024 at 12:40PM Microsoft is updating its AI-powered Recall feature for Copilot+ PCs following customer pushback. The feature will now require user opt-in and Windows Hello verification for use. Additionally, Recall’s data encryption and security measures are being enhanced. These updates will be released with Recall’s preview on June 18, with potential changes … Read more
April 9, 2024 at 02:22PM Microsoft has released the KB5036892 cumulative update for Windows 10 21H2 and 22H2, including 23 changes and two new features. This update contains security updates and can be installed manually through Windows Update or by scheduling installation. It brings bug fixes, new features like Windows Spotlight, and more information on … Read more
November 22, 2023 at 05:39PM Researchers have discovered vulnerabilities in Windows Hello’s fingerprint authentication system that allow hackers to bypass the security and login as someone else. The team found flaws in the communication between the software and hardware components of laptops using fingerprint sensors from Goodix, Synaptics, and ELAN. The vulnerabilities vary across different … Read more
November 22, 2023 at 10:30AM Multiple vulnerabilities have been discovered in fingerprint sensors on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws allow bypassing Windows Hello authentication. Researchers found weaknesses in the fingerprint sensors from Goodix, Synaptics, and ELAN. Exploiting these vulnerabilities requires users to have fingerprint authentication set … Read more
November 22, 2023 at 09:06AM Security researchers successfully bypassed fingerprint authentication on three popular laptops equipped with Windows Hello. Blackwing Intelligence and Microsoft’s MORSE conducted the research, targeting a Dell Inspiron 15, a Lenovo ThinkPad T14s, and a Microsoft Surface Pro X. The attacks required physical access to the devices and involved spoofing legitimate user … Read more