What is the severity of CVE-2021-42288?

CVE-2021-42288 is classified as a security feature bypass vulnerability, which may allow unauthorized access to certain functionalities.

How do I fix CVE-2021-42288?

To fix CVE-2021-42288, ensure that your Windows operating system is updated with the latest security patches provided by Microsoft.

Which Windows versions are affected by CVE-2021-42288?

CVE-2021-42288 affects Windows 10 versions 1809, 1909, 2004, 20H2, 21H1 and Windows Server versions 2016 and 2019.

What is the impact of CVE-2021-42288 on Windows Hello?

CVE-2021-42288 can lead to a bypass of Windows Hello's security features, potentially compromising user authentication.

Is there a workaround for CVE-2021-42288?

Currently, the recommended action is to install the necessary security updates from Microsoft as there is no effective workaround for CVE-2021-42288.

Vulnerability/
CVE-2021-42288

medium

6.1

10/11/2021

21/11/2024

CVE-2021-42288: Windows Hello Security Feature Bypass Vulnerability

First published: Wed Nov 10 2021(Updated: )

Windows Hello Security Feature Bypass Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Windows 10	=20h2
Windows 10	=21h1
Windows 10	=1809
Windows 10	=1909
Windows 10	=2004
Microsoft Windows Server 2016	=20h2
Microsoft Windows Server 2016	=2004
Microsoft Windows Server 2019

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42288

Never miss a vulnerability like this again

Reference Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42288

Frequently Asked Questions

What is the severity of CVE-2021-42288?
CVE-2021-42288 is classified as a security feature bypass vulnerability, which may allow unauthorized access to certain functionalities.
How do I fix CVE-2021-42288?
To fix CVE-2021-42288, ensure that your Windows operating system is updated with the latest security patches provided by Microsoft.
Which Windows versions are affected by CVE-2021-42288?
CVE-2021-42288 affects Windows 10 versions 1809, 1909, 2004, 20H2, 21H1 and Windows Server versions 2016 and 2019.
What is the impact of CVE-2021-42288 on Windows Hello?
CVE-2021-42288 can lead to a bypass of Windows Hello's security features, potentially compromising user authentication.
Is there a workaround for CVE-2021-42288?
Currently, the recommended action is to install the necessary security updates from Microsoft as there is no effective workaround for CVE-2021-42288.

agent/type
agent/first-publish-date
agent/softwarecombine
agent/remedy
agent/title
agent/references
agent/severity
agent/event
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
agent/author
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/windows 10
version/windows 10/20h2
version/windows 10/21h1
version/windows 10/1809
version/windows 10/1909
version/windows 10/2004
canonical/microsoft windows server 2016
version/microsoft windows server 2016/20h2
version/microsoft windows server 2016/2004
canonical/microsoft windows server 2019

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.