HomeWinBuzzer NewsWindows Recall: Microsoft Addresses Security Concerns with Overhaul

Windows Recall: Microsoft Addresses Security Concerns with Overhaul

The changes to Windows 11 Recall were prompted by cybersecurity expert Kevin Beaumont's discovery that the database was initially stored in plain text.


has rolled out several changes to its Recall feature in Windows 11 following concerns from security experts. These updates focus on improving transparency and bolstering security measures for users.

Recall uses local AI models to capture screenshots of nearly all activities on a computer, enabling quick search and retrieval of information. An explorable timeline feature allows users to scroll through snapshots for specific days. The Recall feature will be available exclusively on new + PCs, with advanced firmware protections and the Pluton security processor to guard against personal data theft.

Opt-In, Encryption and Encryption

Initially set to be on by default, the Recall feature now asks for explicit user consent during the setup. Users can choose whether to activate or disable the feature, eliminating any potential confusion.

To enhance security, enabling Recall and accessing the user's timeline will now require Windows Hello authentication. This ensures only authenticated users can access timeline data. Microsoft has also introduced just-in-time encryption; data is decrypted only after user authentication, securing the Recall database from unauthorized access.

This change was prompted by expert Kevin Beaumont's discovery that the database was initially stored in plain text, making it susceptible to malware attacks. Tools like TotalRecall and NetExec exploited this vulnerability to extract and view Recall data.

Microsoft says it is committed to ensuring user privacy. Snapshots captured by Recall are stored locally and are not shared with external entities, including Microsoft itself. Users are notified each time a snapshot is taken by Windows 11. Other features include DRM, InPrivate support, and options to filter, pause, and delete saved data.

Reacting to privacy issues of ´s new Recall feature for Windows 11 on Copilot+ PCs, independent developers have created alternative solutions, such as OpenRecall which offers cross-platform compatibility.

Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.

Recent News