Microsoft’s Windows Hello for Business brings password-less authentication into Active Directory environments. Researchers have found a persistent Active Directory backdoor that they say current security tools don’t detect. Microsoft introduced WHfB in Windows 10 and Windows Server 2016 to lessen the risk of password theft. Researchers will present their findings at the upcoming Black Hat Europe show in a briefing entitled “Exploiting Windows Hello” for Business” at Black Hat 2019. They warn of a new attack vector in a security-critical AD attribute called msDS-KeyCredentialLink.”]
Source: https://www.darkreading.com/cloud/windows-hello-for-business-opens-door-to-new-attack-vectors