Microsoft faces fresh Windows Recall security concerns

Curated RSS Brief

Microsoft faces fresh Windows Recall security concerns

Published: April 15, 2026 at 11:30 | Source: theverge.com

Quick Summary

Report Close Report Posts from this topic will be added to your daily email digest and your homepage feed. Follow Follow See All Report Tech Close Tech Posts from this topic will be added to your daily email digest and your homepage feed. Follow Follow See All Tech Microsoft Close Microsoft Posts from this topic will be added to your daily email digest and your homepage feed. Follow Follow See All Microsoft Microsoft faces fresh Windows Recall security concerns A security researcher has released a new tool that can extract data from Recall. A security researcher has released a new tool that can extract data from Recall. by Tom Warren Close Tom Warren Senior Correspondent Posts from this author will be added to your daily email digest and your homepage feed. Follow Follow See All by Tom Warren Apr 15, 2026, 11:30 AM UTC Link Share Gift Image: Microsoft Tom Warren Close Tom Warren Posts from this author will be added to your daily email digest and your homepage feed. Follow Follow See All by Tom Warren is a senior correspondent and author of Notepad , who has been covering all things Microsoft, PC, and tech for over 20 years. When Microsoft tried to launch Recall, an AI-powered Windows feature that screenshots most of what you do on your PC, it was labeled a “disaster” for cybersecurity and a “privacy nightmare.” After the backlash and a year-long delay to redesign and secure Recall, it’s once again facing security and privacy concerns. Cybersecurity expert Alexander Hagenah has created TotalRecall Reloaded , a tool that extracts and displays data from Recall. It’s an update to the TotalRecall tool that demonstrated all the weaknesses in the original Recall feature before Microsoft redesigned it. Microsoft’s redesign focused on creating a secure vault for Recall data, with Windows Hello authentication and a secure environment through a Virtualization-based Security Enclave. Recall requires users to authenticate using a face or fingerprint to gain access to data and to enable snapshots to be recorded. “This restricts attempts by latent malware trying to ’ride along’ with a user authentication to steal data,” said Microsoft in a September 2024 blog post . “My research shows that the vault is real, but the trust boundary ends too early,” says Hagenah. “TotalRecall Reloaded makes that ‘latent malware’ ride along.” The TotalRecall Reloaded tool can silently run in the background and activate the Recall timeline to force a user into authenticating with a Windows Hello prompt. Once the authentication has taken place, TotalRecall Reloaded can then extract everything that Windows Recall has ever captured. “That is precisely the scenario Microsoft’s architecture is supposed to restrict,” says Hagenah . Recall stores much more than just screenshots, with the history of text that has appeared on your screen, messages, emails, documents, browsing history, and much more. Microsoft’s changes to Recall security came months after CEO Satya Nadella told employees “If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security.” Related Windows feature that screenshots everything labeled a security “disaster” Microsoft’s more secure Windows Recall feature can also be uninstalled by users Microsoft launches Recall and AI-powered Windows search for Copilot Plus PCs Hagenah responsibly disclosed his latest findings to Microsoft last month, but the company closed the report and said there was no vulnerability. “We appreciate Alexander Hagenah for identifying and responsibly reporting this issue. After careful investigation, we determined that the access patterns demonstrated are consistent with intended protections and existing controls, and do not represent a bypass of a security boundary or unauthorized access to data,” says David Weston, corporate vice president of Microsoft Security, in a statement to The Verge . “The authorization period has a timeout and anti-hammering protection that limit the impact of malicious queries.” In messages to The Verge , Hagenah disputes Microsoft’s timeout protections. “I can re-poll the data, and what I am doing in my tool [is] to bypass it. And the timeout is patched out,” says Hagenah. “My biggest issue still is them saying in their official announcement that the enclave prevents ‘latent malware riding along,’ which it clearly doesn’t.” TotalRecall Reloaded can also extract the latest cached Windows Recall screenshot without Windows Hello authentication, or totally wipe the entire capture history. But the type of malware that Hagenah describes could sit in the background on a PC and take screenshots anyway, with or without Windows Recall. Microsoft doesn’t think there’s a vulnerability here because this is simply how Windows works. Regular user-mode processes have the ability to inject code into themselves as a normal and often legitimate behavior in Windows, but this flexibility also creates opportunities for abuse. A similar infostealer malware co

Key Takeaways

• Report Close Report Posts from this topic will be added to your daily email digest and your homepage feed.
• Follow Follow See All Report Tech Close Tech Posts from this topic will be added to your daily email digest and your homepage feed.
• Follow Follow See All Tech Microsoft Close Microsoft Posts from this topic will be added to your daily email digest and your homepage feed.
• Follow Follow See All Microsoft Microsoft faces fresh Windows Recall security concerns A security researcher has released a new tool that can extract data from Recall.

Detailed Coverage

Market analysis reveals significant growth potential in the sector discussed in 'Microsoft faces fresh Windows Recall security concerns'. Investment patterns and market trends indicate strong confidence in these technologies, with venture capital and corporate investments driving further innovation and development.

User experience and accessibility are key themes that emerge from the analysis of 'Microsoft faces fresh Windows Recall security concerns'. The focus on creating intuitive, user-friendly interfaces demonstrates a commitment to making advanced technology accessible to broader audiences and diverse user groups.

The competitive landscape highlighted in 'Microsoft faces fresh Windows Recall security concerns' shows how different organizations are positioning themselves in this rapidly evolving market. Strategic partnerships, acquisitions, and research collaborations are shaping the future direction of technological development.

Environmental sustainability and energy efficiency considerations are increasingly important in the context of 'Microsoft faces fresh Windows Recall security concerns'. The industry is moving towards more sustainable practices and green technologies to address climate change and environmental concerns.

Education and skill development play crucial roles in the adoption and advancement of technologies discussed in 'Microsoft faces fresh Windows Recall security concerns'. The need for specialized talent and continuous learning programs highlights the importance of human capital in technological progress.

Article Details

Published: April 15, 2026 at 11:30

Source: theverge.com

Original link: https://www.theverge.com/report/912101/microsoft-windows-recall-new-security-concerns-response

Read the Full Article

If you want the exact wording, examples, or full context from the publisher, open the original source article.

Open Original Article

This article email was generated from your RSS automation workflow.

Blog home: https://rkoots.github.io/blog/