In response to concerns raised by security and privacy-minded researchers, Microsoft has made significant changes to the Recall feature on Copilot+ PCs running Windows 11. The feature, which allows users to take screenshots and perform AI-powered searches, came under scrutiny for potential security vulnerabilities that could expose user data to unauthorized access.
Following a thorough assessment by Microsoft’s Offensive Research & Security Engineering team and a third-party security vendor, the company decided to implement key changes to enhance the security and privacy of Recall. Microsoft has also invited other security professionals to further scrutinize the feature for any potential weaknesses that could compromise user data.
The initial unveiling of the Copilot+ Recall feature in May 2024 sparked concerns among researchers who highlighted various security pitfalls and expressed worries about the potential for malware and unauthorized users to exploit the feature. In response to these concerns, Microsoft halted the release of the feature and announced important changes to address the security and privacy issues.
David Weston, VP of Enterprise and OS Security at Microsoft, confirmed that Recall will now be an opt-in experience, giving users the choice to enable or disable the feature through optional settings. Additionally, snapshots and associated information will be encrypted with keys that are protected by the Trusted Platform Module (TPM) and linked to the user’s Windows Hello Enhanced Sign-in Security identity.
Furthermore, Microsoft has implemented security measures within a Virtualization-based Security (VBS) Enclave to ensure that only authorized information leaves the enclave when users actively use Recall. Access to the feature and its user interface is safeguarded by Windows Hello, which requires biometric authentication (face or fingerprint) or a PIN for sign-in. Weston emphasized the importance of biometric credentials for searching Recall content, with the PIN serving as a fallback method to prevent data loss in case of sensor damage.
To prevent unauthorized access and data theft, Recall incorporates authorization timeouts that require users to reauthorize access for future sessions, thwarting attempts by malware to exploit user authentication. Additionally, rate-limiting and anti-hammering measures have been implemented to protect Recall’s stored information from brute-force attacks.
In terms of data protection, Recall will not save information from private browsing sessions on major browsers like Microsoft Edge, Firefox, Opera, Chrome, and Chromium-based browsers. Moreover, sensitive content filtering will be enabled by default to prevent the storage of sensitive data such as passwords, national ID numbers, and credit card information in Recall.
Overall, Microsoft’s proactive approach to addressing security and privacy concerns surrounding the Recall feature demonstrates a commitment to enhancing user trust and confidence in the Copilot+ PCs running Windows 11. By implementing robust security measures and privacy controls, Microsoft aims to provide a secure and user-friendly experience for all Recall users.

