Researchers have exposed flaws in three popular laptops that allow hackers to bypass fingerprint sensors and steal data like passwords, files and photos.
Vulnerabilities were uncovered in the fingerprint readers used in the Dell Inspiron 15, Lenovo ThinkPad T14 and Microsoft Surface Pro X laptops.
The devices are installed with a secure device connection protocol developed by Microsoft, which is meant to ensure the connection between the fingerprint scanner and the laptop is secure.
Watch the latest news and stream for free on 7plus >>
Blackwing Intelligence analysts found they could spoof communication between the sensors and the devices they are embedded into and bypass the Windows Hello authentication to access files and data.
“They were able to fool the laptops using a USB device which pretended to be its sensor, and sent a signal that an authorised user had logged in,” Malwarebytes Lab explained.
From there, hackers can access the entire computer.
Fingerprint authentication needs to be set up on the device for hackers to take advantage of it, and the crooks will need to have physical access to the laptop to pull it off.
“If you, as a user, are worried about anyone being able to get near your laptop with a USB device, you shouldn’t be using fingerprints as an authentication method and disabled,” Malwarebytes Lab said.
To remove the feature, open sign-in options in the Windows search bar, select fingerprint recognition, then click remove.
“Until the manufacturers have dealt with the weaknesses in their setups, we can’t assume that this is a secure method of authentication,” Malwarebytes Lab warned.
If you’d like to view this content, please adjust your .
To find out more about how we use cookies, please see our Cookie Guide.