According to the company, printed versions of a user's face can be enough to trick the tool on some systems.The researchers claim that any Windows 10 device which has not yet installed Microsoft's recent Fall Creators Update could be at risk from what it calls a, "simple spoofing attack".

The flaw affects multiple different makes of hardware, with the team testing their claim on one of Microsoft's own Surface Pro 4 devices as well as others made by different manufacturers. Microsoft has not yet responded to the claims, but SYSS says it plans to reveal more work on the attack next spring.

"According to our test results, the newer Windows 10 branches 1703 and 1709 are not vulnerable to the described spoofing attack by using a paper printout if the "enhanced anti-spoofing" feature is used with respective compatible hardware," SYSS wrote in a blog post.

"Thus, concerning the use of Windows Hello face authentication, SYSS recommend updating the Windows 10 operating system to the latest revision of branch 1709, enabling the "enhanced anti-spoofing" feature, and reconfiguring Windows Hello face authentication afterwards."