A new feature in Windows 11, known as "Recall," is designed to let users review their computer activities through a timeline that includes screenshots of their tasks.
While this may sound convenient, it has sparked serious concerns among security professionals.
Major Security Flaw
Security expert Kevin Beaumont has strongly criticized the "Recall" feature in a detailed analysis, as reported by the tech magazine CHIP.
Beaumont labeled the feature a "complete disaster," describing how it makes data theft from a PC alarmingly easy.
Despite Microsoft's assurance that the data is processed locally without cloud access, Beaumont points out that if a hacker gains access to a user's account, the data can still be stolen.
How 'Recall' Works
"Recall" requires PCs to have special AI accelerators to function.
The feature operates by taking frequent screenshots and making them searchable, storing this data in a local database on the user's device.
This setup could allow malicious programs to access all user interactions and information, including sensitive data such as account numbers and passwords.
Demonstrated Vulnerabilities
In his review, Beaumont demonstrated how he could extract data from the "Recall" function, even without the necessary hardware.
The data, although encrypted, is decrypted when the user logs in.
As a result, malicious software could steal this data, which makes "Recall" a valuable target for cybercriminals, who could then access a detailed overview of a user's activities.
According to Beaumont, Microsoft needs to reconsider how this feature is implemented or at least make it optional rather than the default setting.