Security Alerts

Microsoft Windows Hello fingerprint authentication has been bypassed

Security researchers at Blackwing Intelligence have identified vulnerabilities in the Windows Hello fingerprint authentication system used by laptops from Dell, Lenovo, and Microsoft. The flaws were found in popular fingerprint sensors from Goodix, Synaptics, and ELAN. The researchers presented their findings at Microsoft's BlueHat conference after being asked by Microsoft Offensive Research and Security Engineering (MORSE) to assess fingerprint sensor security. The flaws could allow a man-in-the-middle (MitM) attack, potentially providing unauthorized access to a stolen or unattended laptop. The Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X were all susceptible to fingerprint reader attacks. The researchers found cryptographic implementation flaws and a custom TLS issue in the Synaptics sensor. Windows Hello has faced previous authentication vulnerabilities, and Blackwing Intelligence recommends that device manufacturers enable the Secure Device Connection Protocol (SDCP) and undergo audits of fingerprint sensor implementations. The researchers are also exploring memory corruption attacks on sensor firmware and assessing fingerprint sensor security on Linux, Android, and Apple devices.

Link

https://www.theverge.com/2023/11/22/23972220/microsoft-windows-hello-fingerprint-authentication-bypass-security-vulnerability