
Facial recognition technology is increasingly prevalent across a variety of scenarios; however, cases of identity fraud continue to surface, highlighting that even facial recognition is not infallible. Under certain circumstances, these systems can be exploited.
Recently, Microsoft disabled the use of Windows Hello facial recognition in dark environments on Windows 10 and 11, following the discovery of a vulnerability by security researchers. The flaw stems from Microsoft’s inadequate handling of adversarial input perturbations, a security lapse that could allow attackers to execute local spoofing strategies. Microsoft has classified the vulnerability as important, though as of now, there is no evidence to suggest it has been actively exploited.
Previously, Windows Hello relied on specially configured near-infrared (IR) imaging cameras to recognize faces even in darkness — a technique also employed by Apple’s Face ID. However, due to the identified vulnerability, Microsoft has temporarily suspended this feature in low-light conditions.
It is anticipated that Microsoft may eventually reinstate the feature by strengthening its defenses against adversarial inputs. Until then, users who have installed updates from April 2025 onward will be unable to use facial recognition authentication in the dark.
This limitation has proven inconvenient for many users, some of whom have resorted to disabling their webcams in Device Manager. Doing so forces the device's IR sensor to handle authentication in low-light conditions. This is an unofficial workaround, not a Microsoft-supported configuration.
In well-lit environments, Windows Hello facial recognition continues to function normally. When operating in the dark, however, the system defaults to alternative authentication methods, such as fingerprint scanning or PIN code entry.