HomeWinBuzzer NewsWindows Recall: Microsoft Addresses Security Concerns with Overhaul

Windows Recall: Microsoft Addresses Security Concerns with Overhaul

The changes to Windows 11 Recall were prompted by cybersecurity expert Kevin Beaumont's discovery that the database was initially stored in plain text.

-

Microsoft has rolled out several changes to its Recall feature in Windows 11 following concerns from security experts. These updates focus on improving transparency and bolstering security measures for users.

Recall uses local AI models to capture screenshots of nearly all activities on a computer, enabling quick search and retrieval of information. An explorable timeline feature allows users to scroll through snapshots for specific days. The Recall feature will be available exclusively on new Copilot+ PCs, with advanced firmware protections and the Pluton security processor to guard against personal data theft.

Opt-In, Encryption and Encryption

Initially set to be on by default, the Recall feature now asks for explicit user consent during the Windows 11 setup. Users can choose whether to activate or disable the feature, eliminating any potential confusion.

To enhance security, enabling Recall and accessing the user’s timeline will now require Windows Hello authentication. This ensures only authenticated users can access timeline data. Microsoft has also introduced just-in-time encryption; data is decrypted only after user authentication, securing the Recall database from unauthorized access.

This change was prompted by cybersecurity expert Kevin Beaumont’s discovery that the database was initially stored in plain text, making it susceptible to malware attacks. Tools like TotalRecall and NetExec exploited this vulnerability to extract and view Recall data.

Microsoft says it is committed to ensuring user privacy. Snapshots captured by Recall are stored locally and are not shared with external entities, including Microsoft itself. Users are notified each time a snapshot is taken by Windows 11. Other features include DRM, InPrivate support, and options to filter, pause, and delete saved data.

Reacting to privacy issues of ´s new Recall feature for Windows 11 on Copilot+ PCs, independent developers have created alternative solutions, such as OpenRecall which offers cross-platform compatibility.

Last Updated on November 7, 2024 7:47 pm CET

SourceMicrosoft
Markus Kasanmascheff
Markus Kasanmascheff
Markus has been covering the tech industry for more than 15 years. He is holding a Master´s degree in International Economics and is the founder and managing editor of Winbuzzer.com.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Mastodon