AI/ML, AI benefits/risks, Malware

Potential malware compromise of data from Microsoft’s Recall feature detailed

Share
Microsoft Copilot AI chatbot brand

Microsoft's new "Recall" feature, an artificial intelligence-powered functionality enabling the logging of past user activity in its recently introduced Copilot+ PCs, was regarded by cybersecurity researchers as vulnerable to cyberattacks that could compromise its stored data, Security Affairs reports.

While Microsoft emphasized that remote hacking of Recall is unlikely, information-stealing malware could be configured to exfiltrate data stored by the feature, according to cybersecurity expert Kevin Beaumont. Information collected by Recall was also noted by cybersecurity researcher Alex Hagenah to be "unencrypted," contrary to Microsoft's claims, with his TotalRecall proof-of-concept tool having been able to automate the capturing of Recall snapshots, all of which are in plain text.

"Windows Recall stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC," Hagenah added. Such a development should prompt Microsoft to delay the launch of Recall to ensure the security of stored data.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Related Terms

Adware

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds