HomeWinBuzzer NewsMicrosoft's AI Recall Feature in Windows 11 Raises Security Concerns

Microsoft’s AI Recall Feature in Windows 11 Raises Security Concerns

Microsoft's Recall in the Windows AI Explorer continues to receive backlash, despite the company publishing information on privacy.


recently unveiled a new function named “Recall,” designed to give users a “photographic memory” of their PC activities by letting them revisit any app or file they have opened. This new feature has, however, drawn criticism from cybersecurity experts due to its potential security risks. Microsoft has since published a document addressing how privacy is affected when using Recall. 

Kevin Beaumont, a expert, criticized the feature in a detailed analysis on Medium. Beaumont contends that Recall suffers from a host of security issues, which could allow hackers to steal anything viewed or typed on a computer.

Technical Details and Vulnerabilities

The Recall function works by taking screenshots of the user's computer activity every few seconds and applying Azure AI-driven OCR technology to convert these images into text. This text is then stored in an SQLite database in the user's AppData folder. Beaumont showed that this database could be accessed by other user accounts on the same machine, contradicting Microsoft's claims of exclusive user access.

All interactions are recorded in the Recall database, including websites visited, emails read, and applications used, and remain there unless manually deleted or overwritten. Beaumont managed to automate the extraction of his own Recall database and created a site that could instantly sift through its contents. He pointed out that the database is easily compressible, which simplifies the task of exfiltrating months' worth of data in a short span.

Implications for Privacy and Security

Beaumont highlighted the privacy risks of Recall, especially in situations such as domestic abuse. He also raised concerns about Recall's compliance with GDPR regulations. Although Microsoft maintains that Recall's data cannot be remotely extracted by hackers, Beaumont argued that the plain text database can be easily automated for exfiltration.

Beaumont has called on Microsoft to reevaluate and revise the Recall feature to address the outlined security and privacy issues. He emphasized that Microsoft needs to focus on security, especially given CEO Satya Nadella's emphasis on this area. Recall is currently accessible in the Release Preview Channel of the Windows Insider program and is slated for release in the upcoming Copilot+ PCs, including the latest Surface Pro and Surface Laptop models.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News