Security News > 2024 > May > Microsoft's new Windows 11 Recall is a privacy nightmare
Microsoft's announcement of the new AI-powered Windows 11 Recall feature has sparked a lot of concern, with many thinking that it has created massive privacy risks and a new attack vector that threat actors can exploit to steal data.
While it's currently only available on Copilot+ PCs running Snapdragon X ARM processors, Microsoft says they are working with Intel and AMD to bring the feature to all Windows 11 devices.
Microsoft says Recall has been designed so that all of the data is saved directly on the user's device in an encrypted format, providing users with complete control over the feature, including if it's enabled and what apps it can take screenshots of.
Microsoft also says it will not create screenshots of Microsoft Edge's InPrivate windows or content protected by DRM. However, they have not confirmed whether other browser's private modes, like Firefox, will be supported.
Even if we accept that Microsoft will not access Recall data, there are still massive security and privacy implications with this product.
"If you're faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems," Microsoft's CEO Satya Nadella said in an email to Microsoft employees.
News URL
Related news
- Microsoft delays Windows Recall amid privacy and security concerns (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft says April Windows updates break VPN connections (source)
- Microsoft: April Windows Server updates cause NTLM auth failures (source)
- Microsoft won't fix Windows 0x80070643 errors, manual fix required (source)
- Microsoft tests using MT/s for memory speed in Windows 11 Task Manager (source)
- Microsoft: April Windows Server updates also cause crashes, reboots (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- Microsoft fixes Windows Server bug causing crashes, NTLM auth failures (source)