Security Researcher Calls Windows 11 AI 'Recall' Screenshotting Feature a Disaster [Updated] - MacRumors
Skip to Content

Security Researcher Calls Windows 11 AI 'Recall' Screenshotting Feature a Disaster [Updated]

Last month, Microsoft announced the upcoming launch of Copilot+ Windows PCs with integrated AI hardware and software. One feature that Microsoft touted was Recall, a tool that's designed to take regular snapshots of PC content to help users find anything they've seen or done on their machine.


As it turns out, Recall might be a security nightmare for Windows users. Security expert Kevin Beaumont recently said (via The Verge) that he was able to automate a program that provides plain text data of everything a user has viewed, despite Microsoft's claims that Recall information cannot be exfiltrated remotely.

Beaumont claims that Recall is "essentially an infostealer" that's included in Windows by default, and that it will "set cybersecurity back a decade by empowering cybercriminals." With Recall, hackers are able to scrape "everything you've ever looked at within seconds," and users should prepare for "AI powered super breaches."

Microsoft describes Recall as a feature that lets you "search across time to find the content you need." Powered by AI, Recall takes snapshots every five seconds when content on the screen is different from the prior snapshot and stores the snapshots in a timeline, with AI software using OCR to make the text in the snapshots searchable. Microsoft says that snapshots are locally stored and are analyzed on-device, which should make them secure, but the OCR data is stored in an SQLite database that could be accessed by hackers who infiltrate a PC using malware.

According to Beaumont, infostealer trojans are able to be "easily modified to support Recall" and data from the feature can be accessed remotely. Microsoft "tried to do a bunch of things" to improve security, but ultimately, "none of it actually works properly in the real world." The database that is theoretically accessible by malicious actors contains everything a user has seen such as text messages and passwords, every user interaction, and all websites visited (with the exception of Microsoft Edge in Private Mode).

Beaumont has not shared full technical details on how he automated exfiltration of the Recall database, and is holding until Recall is shipped because he wants to give Microsoft "time to do something." Beaumont recommends that Microsoft pull the feature for the time being.

Copilot+ PCs with Recall are set to launch on June 18. As of now, Recall is turned on by default, though users can optionally disable it.

Update: Given the response to Recall, Microsoft has decided to make it an opt-in feature rather than an opt-out feature. It will no longer be on by default, and there will be an option to opt in or opt out when setting up a Copilot+ PC. Windows Hello will also be required to turn on Recall for an extra layer of authentication. Windows Hello requires a face scan, fingerprint, or PIN to access a machine. Proof of presence will be required as well, so a screenshot timeline won't be accessible without authentication.

To address concerns about the accessibility of the database that Recall creates, Microsoft is adding additional layers of protection linked to authentication, and the search index database has been encrypted.

Popular Stories

iPhone 18 Pro Deep Red Feature

iPhone 18 Pro Launching in Two Months With These 12 New Features

Friday July 17, 2026 10:39 am PDT by
It is now mid-July, and that means the iPhone 18 Pro and iPhone 18 Pro Max are now just two months away. The devices are expected to look similar to the iPhone 17 Pro and iPhone 17 Pro Max, but there will still be many year-over-year changes, with rumored features including a smaller Dynamic Island, 5G via satellite, and more. Apple is expected to unveil the iPhone 18 Pro, iPhone 18 Pro Max, ...
iCloud General Feature Redux

Apple Raises iCloud+ Prices in 8 Countries

Friday July 17, 2026 11:56 am PDT by
Apple has increased the price of iCloud+ in Nigeria, Türkiye, Vietnam, Japan, Egypt, New Zealand, the Philippines, and Indonesia, according to an updated version of its iCloud support document. Price increases range from 11 percent to 55 percent depending on the plan and the country. Nigeria saw the biggest hike, and a 50GB plan is now ₦1,300, up from ₦900. Türkiye saw the next largest...
Apple AppleCare One Feature

'AppleCare One' is Now Even More Valuable

Saturday July 18, 2026 6:25 am PDT by
While the monthly and annual prices of AppleCare+ plans for Macs and iPads received a slight increase this week, AppleCare One continues to start at $19.99 per month in the U.S., making the multi-device plan even more valuable. Launched in July 2025, AppleCare One allows you to cover up to three devices as part of a single subscription for $19.99 per month, and additional devices can be...

Top Rated Comments

vertsix Avatar
28 months ago
I hate all this AI ****.

There, I said it.
Score: 93 Votes (Like | Disagree)
EightBitJoe Avatar
28 months ago
Hey, what could be the harm, right? It's Microsoft! I trust them.

Them. Them.

I. I. I trust. Trrrrrrrrr.

?SYNTAX ERROR IN LINE 39737

GENERAL FAILURE READING DRIVE C. ABORT, RETRY, FAIL?

Thank you for using BillGPT. Goodbye.
Score: 52 Votes (Like | Disagree)
StralyanPithecus Avatar
28 months ago

I hate all this AI ****.
Another tool developed to spy on users.
Score: 31 Votes (Like | Disagree)
28 months ago

imagine if Apple did this
As someone who loves apple products and uses a lot of them, I am a harsh critic of apple because I want their stuff be great for me to keep using it. When Apple anounced the photo scanning locally on device the techsphere nearly brought the internet down on apple.

Microsoft does this and because they slapped AI/chatgpt/copiolot we all just What say “I hope they nail the security“ This is a flaw at the core. It takes pictures of the passwords as you enter them. That’s so lazy it’s unreal. Microsoft and google wasted no time throwing off the “we care about privacy” hats and double way down on ”feed us data for AI”.

Good luck “turning it off” Microsoft‘s privacy settings are AWFUL. I tried going through it I have no idea and the next update will probably just switch it back on, change a setting w/e. It’s ridiculous.
Score: 28 Votes (Like | Disagree)
DHagan4755 Avatar
28 months ago

As of now, Recall is turned on by default, though users can optionally disable it.
Is it really off when it's disabled?
Score: 25 Votes (Like | Disagree)
JosephAW Avatar
28 months ago
It’s just a fancy key-logger. o_O
Score: 22 Votes (Like | Disagree)