HomeWinBuzzer NewsMicrosoft Postpones Windows Recall Feature for Enhanced Security Testing

Microsoft Postpones Windows Recall Feature for Enhanced Security Testing

Microsoft’s plan to delay the feature and enhance is a reaction to widespread criticism from privacy advocates and cybersecurity experts.

-

has postponed the release of its AI-powered Windows Recall feature to carry out additional security examinations. Initially slated for a public preview on June 18, 2024, the rollout will begin within the Windows Insider Program (WIP).

Windows Recall employs local AI models in Windows 11 to capture extensive activity snapshots, creating a searchable timeline of user actions. Microsoft assured that these remained local, avoiding external use of the data for training Microsoft's AI models.

Enhanced Security Measures Delay Windows Recall

Microsoft´s decision to test Windows Recall for Copilot+ AI PCs in the Windows Insider community aims to gather early feedback to refine the feature before a general launch. Initially developed secretly, Windows Recall had not yet undergone public testing with the Windows Insider Program.

This decision came after Microsoft president 's testimony before the House Homeland Security Committee, in which he underscored the priority of security over the company's AI ventures. Microsoft's updated blog post about Windows Recall indicates that further details on accessing the preview will be shared once it is ready within the Windows Insider Program. The delay acknowledges the need for more thorough testing of security enhancements.

Smith also announced the mandatory inclusion of security in the bi-annual review process for all employees, impacting annual bonuses and compensation. Initially developed before the launch of Microsoft´s new Secure Future Initiative (SFI), without public testing involvement, Microsoft's subsequent security assessments have highlighted necessary adjustments to the Recall feature, pending extensive tests to ensure alignment with their security-first commitment.

Privacy and Security Concerns

The announced delay of Recall coincides with a ProPublica report criticizing Microsoft for prioritizing profit over security, as Microsoft President Brad Smith was giving testimony to the US Congress regarding recent security breaches. Before that, the UK's Information Commissioner's Office announced that it was making inquiries with Microsoft to understand the privacy safeguards in place for Windows Recall.

Windows Recall, designed to capture periodic screenshots of active windows, uses an Azure AI model for local data analysis and stores it in an SQLite database for user queries. Privacy experts are worried the feature could be misused to access users' sensitive information. Although the company assured Bitlocker encryption by default, critics noted that automatic decryption upon user login could still expose the data to malware or physical breaches.

Addressing Security Risks

Privacy advocates and security experts have voiced concerns, suggesting that, without significant changes, Recall could seriously compromise . Cybersecurity analyst Kevin Beaumont demonstrated how malware could be adapted to steal Windows Recall data and images for offline analysis. Following these alerts, Beaumont and others urged Microsoft to either retract or secure the feature before launch.

Consequently, Microsoft announced on June 7 that Windows Recall would now be an optional feature, with encrypted databases accessible only via authentication through Windows Hello. Microsoft's plan to delay the feature and enhance its security reflects a further response to concerns.

SourceMicrosoft
Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.