A recently discovered vulnerability in Microsoft’s Windows Hello for Business (WHfB) authentication system allowed attackers to bypass the supposedly phishing-resistant login method, raising concerns about the security of this widely adopted passwordless solution.
This flaw allows attackers to bypass the system’s robust authentication mechanisms, posing a serious risk to organizations relying on this technology to protect sensitive data.
https://cybersecuritynews.com/windows-h ... ness-flaw/