AI/ML, AI benefits/risks, Malware

Potential malware compromise of data from Microsoft’s Recall feature detailed

Microsoft Copilot AI chatbot brand

Microsoft's new "Recall" feature, an artificial intelligence-powered functionality enabling the logging of past user activity in its recently introduced Copilot+ PCs, was regarded by cybersecurity researchers as vulnerable to cyberattacks that could compromise its stored data, Security Affairs reports.

While Microsoft emphasized that remote hacking of Recall is unlikely, information-stealing malware could be configured to exfiltrate data stored by the feature, according to cybersecurity expert Kevin Beaumont. Information collected by Recall was also noted by cybersecurity researcher Alex Hagenah to be "unencrypted," contrary to Microsoft's claims, with his TotalRecall proof-of-concept tool having been able to automate the capturing of Recall snapshots, all of which are in plain text.

"Windows Recall stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC," Hagenah added. Such a development should prompt Microsoft to delay the launch of Recall to ensure the security of stored data.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.