Jump directly to the content
UK Edition
Search

MORE SECTIONS

MORE FROM THE SUN

NewsPhones & GadgetsGaming
RED ALERT

Millions of laptop owners warned popular models can be ‘hacked’ using fingerprint trick – disable setting right now

Read on to see how to stay safe
  • Technology and Science Reporter

RESEARCHERS have uncovered vulnerabilities in three popular laptop fingerprint sensors.

Vulnerabilities were found on the Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops.

Researchers have uncovered vulnerabilities in three popular laptop fingerprint sensors
1
Researchers have uncovered vulnerabilities in three popular laptop fingerprint sensorsCredit: Getty

The flaws could allow attackers to bypass Windows Hello fingerprint authentication, according to cybersecurity researchers Blackwing.

Once a hacker bypasses your authentication, they can access your entire computer.

This includes your personal files, photos, and even passwords to important accounts like banking.

Malwarebytes Labs explained that each of the three sensors found on these laptops is the match on chip type.

"This means that a separate chip stores the biometric credentials (in this case the fingerprints), making it almost impossible to hack into," the cybersecurity company said.

Communication between these sensors and a laptop happens through a secure channel via the Secure Device Connection Protocol (SDCP) created by Microsoft.

However, hackers have been able to spoof the communication between sensors and laptops.

"They were able to fool the laptops using a USB device, which pretended to be its sensor and sent a signal that an authorized user had logged in," Malwarebytes said.

Most read in News Tech

Sticky Vicky’s 'heir' leads tributes as legendary Benidorm icon dies aged 80
COSTA MOURNS

Sticky Vicky’s 'heir' leads tributes as legendary Benidorm icon dies aged 80

Cause of death for 4 boys found in car after they vanished on camp trip revealed
TRAGIC END

Cause of death for 4 boys found in car after they vanished on camp trip revealed

Camp 'quitter' Nella Rose's future on I'm A Celebrity confirmed after medic dash
DR DASH

Camp 'quitter' Nella Rose's future on I'm A Celebrity confirmed after medic dash

Nella Rose forced to leave I'm A Celeb camp as she's ruled out of next trial
OUT OF THERE

Nella Rose forced to leave I'm A Celeb camp as she's ruled out of next trial

In turn, the researchers from Blackwing noted that while SDCP is powerful, it can be useless if other parts of the setup are weaker.

HOW TO STAY SAFE

"If you, as a user, are worried about anyone being able to get near your laptop with a USB device, you shouldn’t be using fingerprints as an authentication method and disabled," Malwarebytes said.

To remove this feature, go to the Windows search bar and search Sign-in options.

From there click on Open and then select Fingerprint Recognition (Windows Hello).

After you have done that, click Remove and the fingerprint sign-in option should be removed.

"Until the manufacturers have dealt with the weaknesses in their setups, we can’t assume that this is a secure method of authentication," Malwarebytes warned.

Another type of authentication users can enable instead of fingerprint is a strong passcode.

Experts recommend a unique passcode that contains upper and lower-case letters, numbers, and symbols.

Topics
YOU MIGHT LIKE
RECOMMENDED FOR YOU
MORE FOR YOU