New Windows Hello Vulnerability Allows Face Login by Hackers

Written by

GizNews

in

,

Key Takeaways

1. ERNW introduced a new exploit called “Faceplant” that compromises Windows Hello for Business, revealed at Black Hat USA 2025.
2. The attack allows an attacker with admin rights to bypass another user’s facial recognition login by injecting a stolen biometric template.
3. The attacker can create a biometric template by registering their face on any computer, then decrypt and pull the victim’s template.
4. This method differs from the previous “Face Swap” exploit, which required exchanging identifiers between registered user accounts.
5. The findings emphasize the need for improved security measures in biometric systems to prevent such vulnerabilities.

ERNW has revealed a new method to compromise Microsoft’s Windows Hello for Business. This revelation took place at the Black Hat USA 2025 conference. The exploit builds off a related vulnerability that was disclosed by the company in July.

Details of the Attack

This latest exploit, known as “Faceplant,” enables an attacker with admin rights to completely circumvent another user’s facial recognition login. The researchers clarified that the attacker can first register his/her face on any computer, which creates a biometric template. In simple terms, a biometric template is a digital version of your face that the computer makes and stores when you register your face or fingerprint. This template is what the computer uses to recognize your face or fingerprint when you try to log in.

To execute the attack, the intruder decrypts and pulls the template. In the final phase, the attacker injects this template into the victim’s biometric database on the target machine. This grants the attacker access as if they were the victim, using their own facial features. This attack marks a notable shift from the Face Swap exploit that ERNW discussed in July.

Comparison to Previous Exploit

The earlier attack required the attacker to exchange identifiers, which are tags that point to templates, between two user accounts that were already registered on the same device. In contrast, this new method targets the templates directly, rather than the identifiers, allowing the perpetrator to create the harmful template on any computer.

ERNW has made a significant advancement in demonstrating these risks within biometric security systems, highlighting the need for enhanced protections.

Source:
Link

 

Comments

4 responses to “New Windows Hello Vulnerability Allows Face Login by Hackers”

  1. Madalyn Fisher avatar

    Madalyn Fisher

    Hello Neat post Theres an issue together with your site in internet explorer would check this IE still is the marketplace chief and a large element of other folks will leave out your magnificent writing due to this problem

    Reply
  2. Louvenia Schowalter avatar

    Louvenia Schowalter

    Your writing is a true testament to your expertise and dedication to your craft. I’m continually impressed by the depth of your knowledge and the clarity of your explanations. Keep up the phenomenal work!

    Reply
  3. Mariana Gibson avatar

    Mariana Gibson

    Hello i think that i saw you visited my weblog so i came to Return the favore Im trying to find things to improve my web siteI suppose its ok to use some of your ideas

    Reply
  4. Elroy Zulauf avatar

    Elroy Zulauf

    Your blog has quickly become my go-to source for reliable information and thought-provoking commentary. I’m constantly recommending it to friends and colleagues. Keep up the excellent work!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts