Noor mahnoor
[ Tinydeal Technology News]At a special event held at Microsoft’s new campus in May, Microsoft launched a new Windows PC category, featuring the Recall function—a breakthrough technology designed to enhance the Windows 11 experience. However, the new Microsoft Recall security concerns have emerged, as the feature records and recalls all user interactions, raising potential risks.
The Recall feature has turned out to be a security nightmare for Windows users. Security expert Kevin Beaumont claims that although Microsoft says Recall information can’t leak remotely, it can generate a program that exposes plain text data of all content the user views.
Beaumont describes Recall as “essentially an information-stealing program” included by default in Windows. He warns it could “set back cybersecurity by a decade” by empowering cybercriminals. With Recall, hackers could “grab everything you’ve ever seen in seconds,” leading to a “super-intrusion powered by artificial intelligence.”
Microsoft Recall security concerns arise from its functionality, which lets users “search across time.” Powered by AI, Recall takes snapshots every five seconds, storing them in a timeline when content changes. The AI uses OCR to make text in the snapshots searchable. Microsoft claims it stores snapshots locally for security, but it saves OCR data in a SQLite database. Hackers can access this database with malware to compromise PCs.
Beaumont warns that an information-stealing Trojan can be easily modified to exploit Recall. It can remotely access this data, bypassing Microsoft’s security measures. The compromised database could expose everything a user sees, such as messages, passwords, interactions, and visited websites (except those in Microsoft Edge’s private mode).
Beaumont has not shared the full technical details of how he accessed the Recall database. He plans to wait until Recall is released to give Microsoft “time to do something.” Beaumont also suggested that Microsoft temporarily remove the feature.
Copilot+ PC with Recall will be available on June 18th. As of now, Recall is on by default, but users can choose to disable it.
For more details on the latest tech innovations, visit our TinyDeals blog, and for great deals on products, head over to TinyDeals store.
Login with Google