What is the severity of CVE-2021-42288?

CVE-2021-42288 is classified as a security feature bypass vulnerability, which may allow unauthorized access to certain functionalities.

How do I fix CVE-2021-42288?

To fix CVE-2021-42288, ensure that your Windows operating system is updated with the latest security patches provided by Microsoft.

Which Windows versions are affected by CVE-2021-42288?

CVE-2021-42288 affects Windows 10 versions 1809, 1909, 2004, 20H2, 21H1 and Windows Server versions 2016 and 2019.

What is the impact of CVE-2021-42288 on Windows Hello?

CVE-2021-42288 can lead to a bypass of Windows Hello's security features, potentially compromising user authentication.

Is there a workaround for CVE-2021-42288?

Currently, the recommended action is to install the necessary security updates from Microsoft as there is no effective workaround for CVE-2021-42288.

Vulnerability/
CVE-2021-42288

medium

6.1

10/11/2021

21/11/2024

CVE-2021-42288: Windows Hello Security Feature Bypass Vulnerability

First published: Wed Nov 10 2021(Updated: )

Windows Hello Security Feature Bypass Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
	=20h2
	=21h1
	=1809
	=1909
	=2004
	=20h2
	=2004

Microsoft Windows 10	=20h2
Microsoft Windows 10	=21h1
Microsoft Windows 10	=1809
Microsoft Windows 10	=1909
Microsoft Windows 10	=2004
Microsoft Windows Server 2016	=20h2
Microsoft Windows Server 2016	=2004
Microsoft Windows Server 2019

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42288

Never miss a vulnerability like this again

Reference Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42288

Frequently Asked Questions

What is the severity of CVE-2021-42288?
CVE-2021-42288 is classified as a security feature bypass vulnerability, which may allow unauthorized access to certain functionalities.
How do I fix CVE-2021-42288?
To fix CVE-2021-42288, ensure that your Windows operating system is updated with the latest security patches provided by Microsoft.
Which Windows versions are affected by CVE-2021-42288?
CVE-2021-42288 affects Windows 10 versions 1809, 1909, 2004, 20H2, 21H1 and Windows Server versions 2016 and 2019.
What is the impact of CVE-2021-42288 on Windows Hello?
CVE-2021-42288 can lead to a bypass of Windows Hello's security features, potentially compromising user authentication.
Is there a workaround for CVE-2021-42288?
Currently, the recommended action is to install the necessary security updates from Microsoft as there is no effective workaround for CVE-2021-42288.

agent/type
agent/first-publish-date
agent/author
agent/softwarecombine
agent/remedy
agent/title
agent/references
agent/severity
agent/event
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/tags
agent/source
vendor/microsoft
canonical/microsoft windows 10
version/microsoft windows 10/20h2
version/microsoft windows 10/21h1
version/microsoft windows 10/1809
version/microsoft windows 10/1909
version/microsoft windows 10/2004
canonical/microsoft windows server 2016
version/microsoft windows server 2016/20h2
version/microsoft windows server 2016/2004
canonical/microsoft windows server 2019

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2021-42288?
CVE-2021-42288 is classified as a security feature bypass vulnerability, which may allow unauthorized access to certain functionalities.
How do I fix CVE-2021-42288?
To fix CVE-2021-42288, ensure that your Windows operating system is updated with the latest security patches provided by Microsoft.
Which Windows versions are affected by CVE-2021-42288?
CVE-2021-42288 affects Windows 10 versions 1809, 1909, 2004, 20H2, 21H1 and Windows Server versions 2016 and 2019.
What is the impact of CVE-2021-42288 on Windows Hello?
CVE-2021-42288 can lead to a bypass of Windows Hello's security features, potentially compromising user authentication.
Is there a workaround for CVE-2021-42288?
Currently, the recommended action is to install the necessary security updates from Microsoft as there is no effective workaround for CVE-2021-42288.