wraggster
October 10th, 2012, 22:31
Security specialists have highlighted a flaw in fingerprint-enabled devices that allows hackers to easily retrieve Windows account passwords.
The issue was first raised by ElcomSoft, but then publicised by a duo of security specialists (http://adamcaudill.com/2012/10/07/upek-windows-password-decryption/) called Adam Claudill and Brandon Wilson. They found a method to extract Windows passwords from the registry for devices that use UPEK fingerprint readers a company that is now owned by Apple that affects PCs from Acer, Dell and up to 14 other manufacturers.
Both teams slammed the standard of security, noting that the passwords were stored in plain text and protected by just a 56-bit encryption code key.
The only real obstacle to gaining full control of the machine is having local administrator access.
From a penetration testing perspective, local administrator access is required to obtain the necessary registry key's value, so it only matters if you already have control of the PC, Wilson told Ars Technica (http://arstechnica.com/security/2012/10/confirmed-fingerprint-reader-owned-by-apple-exposes-windows-passwords/).
But since so many of these devices are used in corporate environments, it makes it easy to obtain domain credentials, and from there, easily expand an attack to other systems.
http://www.pcr-online.biz/news/read/apple-owned-fingerprint-readers-pose-serious-security-risk-to-windows-pcs/029346
The issue was first raised by ElcomSoft, but then publicised by a duo of security specialists (http://adamcaudill.com/2012/10/07/upek-windows-password-decryption/) called Adam Claudill and Brandon Wilson. They found a method to extract Windows passwords from the registry for devices that use UPEK fingerprint readers a company that is now owned by Apple that affects PCs from Acer, Dell and up to 14 other manufacturers.
Both teams slammed the standard of security, noting that the passwords were stored in plain text and protected by just a 56-bit encryption code key.
The only real obstacle to gaining full control of the machine is having local administrator access.
From a penetration testing perspective, local administrator access is required to obtain the necessary registry key's value, so it only matters if you already have control of the PC, Wilson told Ars Technica (http://arstechnica.com/security/2012/10/confirmed-fingerprint-reader-owned-by-apple-exposes-windows-passwords/).
But since so many of these devices are used in corporate environments, it makes it easy to obtain domain credentials, and from there, easily expand an attack to other systems.
http://www.pcr-online.biz/news/read/apple-owned-fingerprint-readers-pose-serious-security-risk-to-windows-pcs/029346