NewsSecuritySoftware

Microsoft Defends Recall Against New Data Theft Claims

Adnan Abdullah
By Adnan Abdullah - Guide Editor 3 Min Read
Microsoft windows 11 recall
Microsoft's Windows | Image credit: Microsoft

Our editorial team is comprised of skilled technology experts and developers. To ensure that our research is easy to understand in simple and plain English, we may use AI-assisted tools for grammatical refinement and structural smoothness. However, every technical insight, test, and experience displayed has been fully completed and verified by our human team. All content remains the original property of Droid Expose. See more in our Privacy Policy.

Microsoft is once again facing questions over the safety of its “Recall” feature, a controversial Windows 11 tool designed to take constant screenshots of a user’s computer activity. Despite a year of redesigns and a focus on encryption, cybersecurity experts are warning that the feature may still be vulnerable to sophisticated data theft.

Contents
The Return of RecallThe New Security ConcernMicrosoft’s Response

According to a report by The Verge, researcher Alexander Hagenah has developed a tool called “TotalRecall Reloaded” that demonstrates a potential flaw in how Microsoft protects this sensitive data.

The Return of Recall

The Recall feature was originally delayed in 2024 after critics labeled it a “privacy nightmare” because it stored snapshots of everything a user did—including emails, passwords, and bank details—in plain text.

To fix this, Microsoft introduced a secure vault system. The new version requires users to authenticate their identity using Windows Hello (facial recognition or fingerprints) before any data can be accessed, confirmed by the Microsoft. The company claims this system prevents malware from riding along with a user to steal information.

The New Security Concern

However, Hagenah’s research suggests that while the storage “vault” is secure, the way the data is delivered to the user is not. His “TotalRecall Reloaded” tool can reportedly run silently in the background of a PC. When a user voluntarily unlocks their computer using Windows Hello, the tool “hitchhikes” on that session to extract the decrypted data.

The vault is real, but the trust boundary ends too early, Hagenah told reporters. He claims the tool can force a user to authenticate and then capture everything Recall has ever recorded without needing administrator privileges.

Microsoft’s Response

Microsoft has officially denied that this represents a security breach. David Weston, Microsoft’s Vice President of Security, stated that the patterns shown by the researcher are consistent with how the system is intended to work. The system includes timeouts and anti-hammering protections that limit how much data a malicious query could actually take.

For now, the Recall feature remains optional. Windows 11 users must specifically “opt-in” to use it, and Microsoft emphasizes that users can turn it off or delete their history at any time if they are concerned about their privacy.

TAGGED: , , ,
Share This Article
Previous Article iphone 18 pro colour leaks iPhone 18 Pro Colors Leaked: Dark Cherry to Debut Alongside Foldable iPhone Ultra
Next Article Genini Notebooks for free users Google Opens Gemini Notebooks to Free Users
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Top Stories

Google Launches Native Gemini App for Mac: Here is How it Works

AI Launch PC Software

WhatsApp’s New Liquid Glass Look is Finally Coming to Your Chat Screen

Software Update

iOS 27 Leaks: 5G Satellite Support and the Siri Chatbot

Features News Software

Apple’s C2 Modem Leak: 5G Satellite is Coming to iPhone 18

Connectivity Features Phones

iPhone 18 Pro Colors Leaked: Dark Cherry to Debut Alongside Foldable iPhone Ultra

News Phones Rumors

WhatsApp Developing Own Encrypted Cloud Backup to Replace Google Drive and iCloud

News Software Update
Lost your password?