BREAKING AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Artificial Intelligence

Microsoft Delaying Recall Feature to Improve Security

Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.

Windows Recall security

Microsoft has decided to postpone the launch of the Windows Recall feature preview following concerns raised by security and privacy experts over the AI technolgy.

Recall enables Windows users to easily find something they know they have seen before on their PC by taking screenshots at regular intervals to capture the user’s activities. 

All the data is stored and processed locally, which Microsoft was hoping would ease potential privacy and security concerns. 

However, experts are not convinced, and some have even showed how the screenshots, which could contain sensitive information such as passwords and financial data, could be obtained by information-stealer malware

Microsoft initially announced Recall as an on-by-default preview feature on Copilot+ PCs specialized for AI, which are set to become available starting June 18. 

However, in response to the backlash, Microsoft announced on June 7 that the feature would be disabled by default

In an update shared on June 13, the tech giant said it has decided not to make Recall available on Copilot+ PCs. Instead, a Recall preview will first become available in the Windows Insider Program (WIP) in the coming weeks, and it will be rolled out to Copilot+ PCs after receiving feedback from the Windows Insider Community. 

The company noted that WIP customers will still need a Copilot+ PC in order to use Recall, due to hardware requirements. 

Advertisement. Scroll to continue reading.

“We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security,” Microsoft said. “This decision is rooted in our commitment to providing a trusted, secure and robust experience for all customers and to seek additional feedback prior to making the feature available to all Copilot+ PC users.”

Microsoft also pointed out that one of the additional security protections that will be provided for Recall content is just-in-time decryption. Windows Hello Enhanced Sign-in Security (ESS) will be leveraged and Recall screenshots will only be decrypted and made accessible when the user authenticates.

“As AI becomes more prevalent, we are rearchitecting Windows to give customers and developers more choice to leverage both the cloud and the power of local processing on the device made possible by the neural processing unit (NPU),” Pavan Davuluri, Corporate Vice President, Windows + Devices, wrote. “This distributed computing model offers choice for both privacy and security.” This work, Davuluri says, will be guided by Microsoft’s “Secure Future Initiative” that was unveiled in November 2023.

Related: Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report

Related: After Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’

Related: Microsoft Hires New CISO in Major Security Shakeup

Related: Microsoft’s Security Chickens Have Come Home to Roost

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as new CRO

Identity orchestration provider Strata Identity appoints Aldo Pietropaolo as Field CTO

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

More People On The Move

Expert Insights