Windows Recall still maintains a backdoor to access your private PC history.

Windows Recall still maintains a backdoor to access your private PC history.

      Windows Recall was designed to simplify the searching of your PC history, but a new proof of concept is once again putting that promise to the test.

      TotalRecall Reloaded demonstrates how information captured by the Windows 11 feature can still be intercepted after signing in, despite Microsoft having revised its protections following last year’s criticism.

      Recall does not merely capture a limited range of activities. It can maintain a wide visual record of everything occurring on your PC, which includes applications, websites, messages, and other on-screen content.

      Microsoft has changed the feature to be opt-in and added encryption along with Windows Hello protection, but recent findings suggest the vulnerability arises after the service is unlocked and begins transmitting information to another system process.

      The vulnerability may lie elsewhere

      The latest assertion is that the database itself is no longer the primary target for attacks. Rather, the exposure starts once someone authenticates with Windows Hello, enabling the system to send screenshots, extracted text, and metadata to a separate process called AIXHost.exe.

      TotalRecall Reloaded allegedly injects code into this process without needing administrator privileges, subsequently waiting for the session to open and the information to begin transferring.

      Certain actions, such as obtaining the latest screenshot, gathering specific metadata, and eliminating the entire archive, can be performed without requiring Windows Hello authentication.

      Microsoft has a different perspective

      Microsoft informed Ars Technica that the behavior exhibited by the researcher aligns with its intended protections and existing controls, indicating it does not constitute a security boundary breach or unauthorized access.

      The findings were communicated to Microsoft’s Security Response Center on March 6, with the company categorizing them as not a vulnerability by April 3.

      This response is unlikely to alleviate concerns. Anyone who can access your PC and use your Windows Hello fallback PIN could potentially reach a comprehensive archive of emails, browsing activity, messages, and other personal information.

      Why trust issues persist

      Recall was already facing scrutiny due to its capacity to record a substantial amount of PC activity, and this report provides critics with further justification to remain doubtful, even if Microsoft claims the behavior is functioning as intended.

      Signal, Brave, and AdGuard have already opted to keep their content out of Recall by default, indicating that the worries extend beyond just security experts.

      For Windows 11 users, the practical takeaway is clear. If you do not require Recall, it's advisable to keep it disabled for enhanced safety. If you choose to enable it, consider it a convenience feature that carries genuine privacy trade-offs, and observe whether more applications begin opting out in the future.

Windows Recall still maintains a backdoor to access your private PC history. Windows Recall still maintains a backdoor to access your private PC history.

Other articles

The fintech company that shifted its focus due to Kanye West has now reached a valuation of $1.4 billion. The fintech company that shifted its focus due to Kanye West has now reached a valuation of $1.4 billion. Slash, the vertical banking startup established by two college dropouts, has secured $100 million in a Series C funding round, achieving a valuation of $1.4 billion. The round was led by Khosla Ventures and Ribbit Capital. Windows Recall still provides a backdoor into your personal PC history. Windows Recall still provides a backdoor into your personal PC history. The database of Windows Recall may now have improved protection, but a recent proof of concept indicates that the data path following sign-in still poses privacy risks for users of Windows 11. HUAWEI nova 15 HUAWEI nova 15 MTS has announced the start of pre-orders for the new HUAWEI nova 15 Pro and nova 15 smartphones. According to the description, the lineup is aimed at those who love taking portraits, are open to befriending artificial intelligence, and wish to charge their phone as infrequently as possible. HUAWEI nova 15 HUAWEI nova 15 MTS has announced the start of pre-orders for the new HUAWEI nova 15 Pro and nova 15 smartphones. According to the description, the lineup is aimed at those who love taking portraits, are open to befriending artificial intelligence, and wish to charge their phone as infrequently as possible. HUAWEI nova 15 HUAWEI nova 15 MTS has announced the start of pre-orders for the new HUAWEI nova 15 Pro and nova 15 smartphones. According to the description, the lineup is intended for those who love taking portraits, are open to befriending artificial intelligence, and wish to charge their phone as infrequently as possible. The fintech that changed its direction due to Kanye West has now reached a valuation of $1.4 billion. The fintech that changed its direction due to Kanye West has now reached a valuation of $1.4 billion. Slash, the vertical banking startup established by two college dropouts, has secured $100 million in a Series C funding round, achieving a valuation of $1.4 billion. The round was led by Khosla Ventures and Ribbit Capital.

Windows Recall still maintains a backdoor to access your private PC history.

While Windows Recall's database may have improved protection, a new proof of concept indicates that the data path following sign-in still poses privacy risks for users of Windows 11.