German security researchers say 'Windows Hell No' to Microsoft biometrics for biz

Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.

In a presentation at the Black Hat conference in Las Vegas, Dr Baptiste David and Tillmann Osswald from independent security shop ERNW Research demonstrated how one can crack the Hello system and a local admin, or someone who has access to their credentials via malware or other means, can inject biometric information into a computer that would allow it to recognize any face or fingerprint.