Researchers at cybersecurity company Blackwing Intelligence found vulnerabilities in several laptop makers’ implementations of Windows Hello, the biometric login feature built into Windows.
The researchers uncovered the vulnerabilities as part of a project carried out on behalf of Microsoft Corp.’s offensive research and security engineering team to analyze laptops from Microsoft, Lenovo, and Dell.
The flaws found relate to a Microsoft technology called the Secure Device Connection Protocol (SDCP), which many laptops rely on to power their Windows Hello implementations.
“Microsoft did a good job designing Secure Device Connection Protocol (SDCP) to provide a secure channel between the host and biometric devices, but unfortunately device manufacturers seem to misunderstand some of the objectives,” the researchers said.
View Full Article
Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA
No entries found