Windows Hello facial recognition is bested by a photograph

Windows Hello facial recognition is bested by a photograph

Lindsey Duncan
December 22, 2017

"SySS recommends to update to the latest revision of Windows 10 version 1709, to enable the "enhanced anti-spoofing" feature, and to reconfigure Windows Hello Face Authentication afterwards", added the researchers.

The exploit circumvents Windows Hello security meaning if you log into your PC using facial recognition on Windows 10, then you should be aware that not only older versions of Microsoft's OS can be easily fooled.

Microsoft has quietly updated a security flaw in its Windows 10 "Hello" facial recognition system, which enabled attackers to authenticate simply by using a printed photo of the device owner.

It should be noted that even if you have a system with a Windows Hello camera, have anti-spoofing enabled, and have upgraded to the Fall Creators Update, you still aren't guaranteed to be fully protected from the spoofing attack. You also need a newer PC, one that has Intel's seventh-generation "Kaby Lake" processors or newer, and you'll need to be on the Windows 10 Fall Creators Update or newer. However, the attack was only successful on version 1703, the Creators Update rolled out in Spring 2017, and 1709, the Fall Creators Update now being rolled out, when anti-spoofing was disabled.

SYSS provided two videos demonstrating its proof of concept attacks.

6 year old $14.6 million YouTube sensation
The video featured Ryan opening and reviewing a " GIANT EGG SURPRISE " box containing over 100 toys from Pixar's " Cars " series. As the YouTube channel, "Ryan Toys Review" went viral, his parents started a second channel named ' Ryan's Family Review '.

The security company first reported the vulnerability to Microsoft back in October, and it plans to publish further test results in Spring 2018.

Netflix is rolling out an update for its Windows 10 standalone app as well as for Edge browser to bring in support for High Dynamic Range or HDR.

Of course, in addition to the above, you will need an HDR10-compatible monitor to actually enjoy all the HDR content Netflix now has to offer. While these utilities are not built into the existing production version of Windows, the addition of them into the Insider builds shows that Microsoft is taking Linux seriously and is trying to appeal to those who use it regularly.

The research supports the theory that certain biometric security mechanisms may not be as secure as once thought.