Security Researcher Calls Windows 11 AI 'Recall' Screenshotting Feature a Disaster [Updated]

by

Last month, Microsoft announced the upcoming launch of Copilot+ Windows PCs with integrated AI hardware and software. One feature that Microsoft touted was Recall, a tool that's designed to take regular snapshots of PC content to help users find anything they've seen or done on their machine.


As it turns out, Recall might be a security nightmare for Windows users. Security expert Kevin Beaumont recently said (via The Verge) that he was able to automate a program that provides plain text data of everything a user has viewed, despite Microsoft's claims that Recall information cannot be exfiltrated remotely.

Beaumont claims that Recall is "essentially an infostealer" that's included in Windows by default, and that it will "set cybersecurity back a decade by empowering cybercriminals." With Recall, hackers are able to scrape "everything you've ever looked at within seconds," and users should prepare for "AI powered super breaches."

Microsoft describes Recall as a feature that lets you "search across time to find the content you need." Powered by AI, Recall takes snapshots every five seconds when content on the screen is different from the prior snapshot and stores the snapshots in a timeline, with AI software using OCR to make the text in the snapshots searchable. Microsoft says that snapshots are locally stored and are analyzed on-device, which should make them secure, but the OCR data is stored in an SQLite database that could be accessed by hackers who infiltrate a PC using malware.

According to Beaumont, infostealer trojans are able to be "easily modified to support Recall" and data from the feature can be accessed remotely. Microsoft "tried to do a bunch of things" to improve security, but ultimately, "none of it actually works properly in the real world." The database that is theoretically accessible by malicious actors contains everything a user has seen such as text messages and passwords, every user interaction, and all websites visited (with the exception of Microsoft Edge in Private Mode).

Beaumont has not shared full technical details on how he automated exfiltration of the Recall database, and is holding until Recall is shipped because he wants to give Microsoft "time to do something." Beaumont recommends that Microsoft pull the feature for the time being.

Copilot+ PCs with Recall are set to launch on June 18. As of now, Recall is turned on by default, though users can optionally disable it.

Update: Given the response to Recall, Microsoft has decided to make it an opt-in feature rather than an opt-out feature. It will no longer be on by default, and there will be an option to opt in or opt out when setting up a Copilot+ PC. Windows Hello will also be required to turn on Recall for an extra layer of authentication. Windows Hello requires a face scan, fingerprint, or PIN to access a machine. Proof of presence will be required as well, so a screenshot timeline won't be accessible without authentication.

To address concerns about the accessibility of the database that Recall creates, Microsoft is adding additional layers of protection linked to authentication, and the search index database has been encrypted.

Tag: Microsoft

Popular Stories

iOS 18

Apple Releases iOS 18.5 With New Wallpaper, Screen Time Changes, Carrier Satellite Support for iPhone 13 and More

Monday May 12, 2025 10:06 am PDT by
Apple today released iOS 18.5 and iPadOS 18.5, the fifth updates to the iOS 18 and iPadOS 18 operating systems that came out last September. iOS 18.5 and iPadOS 18.5 come a little over a month after Apple released iOS 18.4 and iPadOS 18.4. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. The iOS 18.5 update has a...
Read Full Article43 comments
tvOS 18 Feature

Apple Releases tvOS 18.5

Monday May 12, 2025 10:01 am PDT by
Apple today released tvOS 18.5, the latest version of the tvOS operating system. tvOS 18.5 comes a little over a month after the launch of tvOS 18.4, and it is available for the Apple TV 4K and Apple TV HD models. tvOS 18.5 can be downloaded using the Settings app on the ‌Apple TV‌. Open up Settings and go to System > Software Update to get the new software. ‌Apple TV‌ owners who have...
Read Full Article10 comments
iPhone 17 Pro Blue Feature Tighter Crop

WSJ: Apple Weighing Price Hikes for iPhone 17 Lineup Without Blaming Tariffs

Monday May 12, 2025 3:36 am PDT by
Apple is considering raising prices for its upcoming iPhone 17 models set to release this fall, according to people familiar with the matter cited by The Wall Street Journal. The company reportedly aims to pair the potential price hikes with new features and design changes to justify the increased cost to consumers, rather than attributing them to U.S. tariffs on goods from China. The...
Read Full Article100 comments
iOS 18

iOS 18.5 Expected This Week With These New Features

Monday May 12, 2025 7:20 am PDT by
Following more than a month of beta testing, Apple is expected to release iOS 18.5 to the general public this week. While the software update is relatively minor, it still includes a handful of new features and changes for iPhones. Below, we recap everything new in iOS 18.5. Pride Wallpaper Apple recently announced its 2025 Pride Collection, including a new Apple Watch band, watch face,...
Read Full Article28 comments
macOS Sequoia Feature

Apple Releases macOS Sequoia 15.5

Monday May 12, 2025 10:10 am PDT by
Apple today released macOS Sequoia 15.5, the fifth major update to the macOS Sequoia operating system that launched last September. macOS Sequoia 15.5 comes a little over a month after the launch of macOS Sequoia 15.4. Mac users can download the ‌‌‌macOS Sequoia 15.5‌‌‌ update through the Software Update section of System Settings. It is available for free on all Macs able to run ...
Read Full Article48 comments
Mayday Calendar

Apple Acquisition Hints at Upgraded Calendar App on iOS 19 or Beyond

Friday May 9, 2025 9:13 am PDT by
Apple acquired Canadian startup Mayday Labs in April 2024, according to a European Commission listing, spotted by French blog MacGeneration. The acquisition had not received widespread attention from tech publications until now. Apple is legally required to report certain acquisitions to the European Commission, under the terms of the EU's Digital Markets Act. Mayday Labs founder Jeremy...
Read Full Article73 comments
top stories 2025 05 10

Top Stories: iOS 18.5 Release Imminent, iPhone Rumors for 2025 and Beyond, and More

Saturday May 10, 2025 6:00 am PDT by
With Apple's developer conference where it will show off iOS 19 just a month away, the company is wrapping up work on iOS 18.5 ahead of an imminent release to deliver a few new features and updates. This week also saw a number of iPhone-related rumors, encompassing not only this year's iPhone 17 lineup but also Apple's plans for 2026 and 2027, even as Apple's Eddy Cue suggested AI could make ...
Read Full Article17 comments

Top Rated Comments

vertsix Avatar
vertsix
12 months ago
I hate all this AI ****.

There, I said it.
Score: 93 Votes (Like | Disagree)
EightBitJoe Avatar
EightBitJoe
12 months ago
Hey, what could be the harm, right? It's Microsoft! I trust them.

Them. Them.

I. I. I trust. Trrrrrrrrr.

?SYNTAX ERROR IN LINE 39737

GENERAL FAILURE READING DRIVE C. ABORT, RETRY, FAIL?

Thank you for using BillGPT. Goodbye.
Score: 52 Votes (Like | Disagree)
StralyanPithecus Avatar
StralyanPithecus
12 months ago

I hate all this AI ****.
Another tool developed to spy on users.
Score: 31 Votes (Like | Disagree)
Delivered Avatar
Delivered
12 months ago

imagine if Apple did this
As someone who loves apple products and uses a lot of them, I am a harsh critic of apple because I want their stuff be great for me to keep using it. When Apple anounced the photo scanning locally on device the techsphere nearly brought the internet down on apple.

Microsoft does this and because they slapped AI/chatgpt/copiolot we all just What say “I hope they nail the security“ This is a flaw at the core. It takes pictures of the passwords as you enter them. That’s so lazy it’s unreal. Microsoft and google wasted no time throwing off the “we care about privacy” hats and double way down on ”feed us data for AI”.

Good luck “turning it off” Microsoft‘s privacy settings are AWFUL. I tried going through it I have no idea and the next update will probably just switch it back on, change a setting w/e. It’s ridiculous.
Score: 28 Votes (Like | Disagree)
DHagan4755 Avatar
DHagan4755
12 months ago

As of now, Recall is turned on by default, though users can optionally disable it.
Is it really off when it's disabled?
Score: 25 Votes (Like | Disagree)
JosephAW Avatar
JosephAW
12 months ago
It’s just a fancy key-logger. o_O
Score: 22 Votes (Like | Disagree)
Read All Comments