202 matches found
CVE-2025-26644
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally...
CVE-2025-26635
Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network...
CVE-2025-26635
Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network...
CVE-2025-26644 Windows Hello Spoofing Vulnerability
...
CVE-2025-26644 Windows Hello Spoofing Vulnerability
...
CVE-2025-26644
CVE-2025-26644 affects Windows Hello by allowing local spoofing due to inadequate handling of adversarial input perturbations. Microsoft documents a Windows Hello security fix path via monthly updates (e.g., KB5055528 for Windows 11 22621/22631; KB5055519 for older Windows builds) that enforces v...
CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability
...
CVE-2025-26635
CVE-2025-26635 describes a Windows Hello security feature bypass caused by weak authentication, enabling an authorized attacker to bypass a security feature over the network. The CVSS 3.1 vector (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N) yields a base score of 6.5 (Medium) with confidentiality and int...
CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability
...
Windows Hello Spoofing Vulnerability
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally...
Windows Hello Security Feature Bypass Vulnerability
Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network...
PT-2025-15499
Name of the Vulnerable Software and Affected Versions: Windows Hello affected versions not specified Description: The issue concerns an automated recognition mechanism in Windows Hello that fails to adequately detect or handle adversarial input perturbations, allowing an unauthorized attacker to...
PT-2025-15493 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Hello affected versions not specified Description: A security-feature bypass issue exists, allowing an authorized attacker to bypass a security feature. This could potentially affect the system. Recommendations: At the moment, there i...
Microsoft Windows Hello 安全漏洞
Microsoft Windows Hello is a biometric-based login from Microsoft USA that allows you to sign in using your face, fingerprint or PIN. A security vulnerability exists in Microsoft Windows Hello. An attacker could exploit this vulnerability to conduct spoofing attacks. The following products and...
Microsoft Windows Hello 安全漏洞
Microsoft Windows Hello is a more personalized and secure way to sign in to your Windows device. A security feature bypass vulnerability exists in Microsoft Windows Hello, which can be exploited by an attacker to bypass certain features...
Insights and highlights from DEF CON 32
TL; DR Event Dates : August 8-11, 2024, in Las Vegas. PTP Presentations : Windows Hello : Our Ceri Coburn with Outsider Security's Dirk-Jan Mollema revealed vulnerabilities in biometric authentication. Maritime Security : Paul Brownridge discussed vulnerabilities in maritime systems and...
June 11, 2024—KB5039227 (OS Build 20348.2527)
June 11, 2024—KB5039227 OS Build 20348.2527 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when n...
New Windows 11 features strengthen security to address evolving cyberthreat landscape
Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools...
May 14, 2024—KB5037768 (OS Builds 19044.4412 and 19045.4412) - EXPIRED
May 14, 2024—KB5037768 OS Builds 19044.4412 and 19045.4412 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. ---...
Microsoft introduces passkeys for consumer accounts
Ten years ago, Microsoft envisioned a bold future: a world free of passwords. Every year, we celebrate World Password Day by updating you on our progress toward eliminating passwords for good. Today, we’re announcing passkey support for Microsoft consumer accounts, the next step toward our vision...