Microsoft Made Changes to Recall Feature Following Controversial Security Concerns

Microsoft has announced significant updates to its new Recall feature for Copilot+ PCs, following a wave of security and privacy concerns raised by experts and users.

The Recall feature, set to debut on June 18th, is designed to enhance productivity by taking periodic snapshots of everything displayed on a user’s screen, creating an explorable visual timeline. This allows users to retrace their steps and find previously viewed content easily.


The introduction of Recall has not been without controversy. Security researchers and privacy advocates have expressed serious concerns about the potential risks associated with the feature.

Kevin Beaumont, a cybersecurity expert who tested Recall, “highlighted that the feature stores data in a database in plain text, making it vulnerable to malware attacks. Beaumont’s findings suggest that an attacker could easily extract the database and its contents, posing a significant security threat”.

With ANYRUN You can Analyze any URL, Files & Email for Malicious Activity : Start your Analysis

Privacy campaigners have also labeled Recall a potential “privacy nightmare,” prompting inquiries from the UK’s Information Commissioner’s Office.

Critics argue that despite Microsoft’s assurances of local and private data storage, the feature’s inherent design could lead to unintended data exposure and misuse.

Microsoft’s Response and Updates

In response to these concerns, Microsoft has made several key updates to the Recall feature to enhance security and privacy.

The company emphasized that Recall is an optional feature, and users must proactively opt-in to enable it. By default, Recall will be turned off, giving users control over their data from the outset.

For added security, Microsoft has made Windows Hello enrollment a requirement to enable Recall. This means that only authenticated users can access the feature. Moreover, proof of presence is necessary to view the timeline and search within Recall, providing an additional layer of security.

Microsoft has also implemented “just in time” decryption, which is protected by Windows Hello Enhanced Sign-in Security (ESS).

Windows Hello Enhanced Sign-in Security (ESS)
Windows Hello Enhanced Sign-in Security (ESS)

Recall snapshots will only be decrypted when needed, reducing the risk of unauthorized access. The company has reiterated its commitment to data protection, aligning with its Security, Fairness, and Inclusiveness (SFI) principles.

Listening to user feedback has been a crucial part of Microsoft’s approach to refining Recall. The company has updated the setup experience to provide clearer choices for users regarding the saving of snapshots. Users can now easily opt-in or out of the feature during the initial setup process.

Microsoft has also introduced privacy controls that allow users to disable certain URLs and apps from being captured by Recall. Additionally, the feature will not store any material protected by digital rights management tools or snapshots from InPrivate web browsing sessions. These measures aim to address some of the privacy concerns raised by users and experts alike.

As Microsoft prepares for the official launch of Copilot+ PCs and the Recall feature, the company remains focused on learning from real-world scenarios and user feedback. By offering Recall in preview, Microsoft aims to gather insights and make further improvements based on the experiences of its customers and the Windows community.

The updates to Recall reflect Microsoft’s commitment to balancing innovation with security and privacy. While the feature promises to enhance productivity and user experience, the company acknowledges the importance of addressing potential risks and ensuring that users have control over their data.

In conclusion, Microsoft’s proactive response to the security and privacy concerns surrounding Recall demonstrates its dedication to creating a safe and user-friendly environment. As the technology landscape continues to evolve, the company’s efforts to refine and improve its features will be crucial in maintaining user trust and confidence.

Looking for Full Data Breach Protection? Try Cynet's All-in-One Cybersecurity Platform for MSPs: Try Free Demo 

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.