TL;DR
- Security Change: Microsoft blocked credential autofill functionality in Windows 11 24H2/25H2 to address CVE-2026-20804, a Windows Hello tampering vulnerability.
- Operational Impact: The February 2026 Patch Tuesday update forces IT admins to choose between workflow convenience and security, disrupting remote support sessions.
- Vulnerability Details: German researchers demonstrated at Black Hat 2025 how attackers could inject biometric data to bypass Windows Hello authentication without detection.
- Workaround Risk: Microsoft offers a risky workaround using elevated administrator privileges that reintroduces the vulnerability the update was designed to prevent.
Microsoft blocked credential autofill functionality in Windows to address a security vulnerability, forcing IT admins to choose between security and workflow convenience through its February 2026 Patch Tuesday updates. The change restricts apps from autofilling credentials during remote support sessions or automated authentication workflows.
The abruptness positions enterprises in a difficult bind: maintain operational efficiency through remote support tools while risking biometric injection attacks, or accept workflow disruptions impacting help desk response times.
Vulnerability Context
The change addresses CVE-2026-20804, a Windows Hello tampering vulnerability first flagged by security researchers in August 2025. The vulnerability allows a local administrator to inject biometric information that would let a computer recognize any face or fingerprint, effectively bypassing Windows Hello authentication.
Microsoft documented the autofill restriction in the January 2026 Patch Tuesday release notes for updates KB5074109 and KB5073455.
The six-month gap between discovery and full mitigation highlights the complexity of patching authentication infrastructure without disrupting workflows. Microsoft’s staged approach, documenting the restriction in January, enforcing in February, gave organizations minimal preparation time.
Black Hat 2025 Demonstration
The real-world implications of this vulnerability were starkly demonstrated months before Microsoft’s fix. German researchers Dr. Baptiste David and Tillmann Osswald from ERNW Research demonstrated the vulnerability at Black Hat conference in Las Vegas.
David logged in using facial recognition, then Osswald inserted a different Hello facial scan from another machine into the database and unlocked David’s machine instantly. The fraudulent login raised no alert, with no external signals distinguishing it from a legitimate login.
“ESS is very effective at blocking this attack, but not everyone can use it. For example, we bought ThinkPads around one and a half years ago, but sadly they do not have a secure sensor for the camera because they use AMD chips and not Intel’s.”
Tillmann Osswald, Security Researcher at ERNW Enno Rey Netzwerke (via The Register)
Enhanced Sign-in Security (ESS) operates at hypervisor virtual trust level and blocks this attack, but hardware compatibility limits deployment. Microsoft made ESS a default setting in Windows 11, yet AMD-based systems often lack the required secure sensor hardware.
This hardware-dependent protection model reveals a fundamental challenge in enterprise security: the gap between Intel and AMD deployments means organizations cannot rely solely on ESS. The hardware fragmentation creates a two-tier security model where Intel-based systems benefit from ESS protection while AMD users remain vulnerable to biometric injection attacks, positioning Microsoft’s credential autofill restriction as the only universal defense mechanism.
Technical Impact
Following the update, credential dialogs no longer respond to virtual keyboard input from remote desktop or screen sharing tools. This blocks applications from autofilling credentials during remote support sessions.
Microsoft Teams and similar screen sharing apps can no longer inject virtual keyboard input into credential prompts. Microsoft stated the intentional change is designed to protect users against untrusted input injection.
Windows authentication dialogs now only accept input from trusted local sources: physical keyboard input, trusted accessibility applications with UIAccess privilege, or applications running with elevated administrator integrity.
The shift from convenience to security-first authentication reveals Microsoft’s calculation that biometric injection risks outweigh operational efficiency. This positions remote support teams at a crossroads where maintaining pre-patch workflows requires accepting the exact vulnerability the update was designed to eliminate.
Workaround and Cautions
Despite the security rationale, Microsoft acknowledged the operational disruption by offering a risky workaround. IT admins can restore the previous autofill behavior by enabling applications performing remote credential submission to run with elevated administrator privileges.
Microsoft’s support documentation noted this approach allows the previous behavior until applications can be updated.
However, Microsoft cautioned that this workaround should only be used in a tightly controlled environment, as running remote credential tools with administrator privileges reintroduces the biometric injection vulnerability the update was designed to prevent.
Path Forward
Organizations face a decision between accepting disrupted remote support workflows or risking credential injection attacks. Microsoft’s guidance prioritizes updating affected applications to work with the new security boundaries rather than relying on the administrator privilege workaround.
What this means for IT teams is a forced migration with no clear endpoint. Help desk staff accustomed to remote password entry must now instruct users through manual credential input, extending support call times and reducing ticket resolution rates.
Server administrators relying on automated authentication face rebuilding deployment workflows around local authentication methods. Organizations confront a sharp choice: accept the productivity hit of manual authentication, or run the workaround and expose Windows Hello users to the same biometric injection attack demonstrated at Black Hat.
For enterprises still dependent on remote support tools, the February update creates an immediate operational crisis where maintaining help desk efficiency requires accepting the vulnerability Microsoft spent six months patching.
