Overview
- The April 8 update KB5055523 closed the CVE-2025-26644 vulnerability, rated medium risk with a CVSS score of 5.1, by changing Windows Hello to require a color camera for authentication.
- Infrared-only face scans are no longer accepted, preventing Windows Hello from working in dark environments where visible light is insufficient.
- Users on Windows 10, Windows 11 (versions 22H2, 23H2, 24H2), Windows Server 2019, and Windows Server 2025 have reported persistent face unlock failures in low-light conditions since April.
- A workaround involves disabling the standard webcam in the Device Manager, which forces Windows Hello to rely solely on the infrared camera.
- While this trick restores face recognition in the dark, it disables the webcam for video calls and other everyday applications.