The Recall feature surprised everyone as the star feature presented by Microsoft a few weeks ago. This new way of returning to the “past” by asking a question about a specific day has, in addition to receiving a lot of criticism, certain vulnerabilities, such as password theft.
Recall in Windows 11 captures screenshots of the PC screen every five seconds and records some of the user's interactions with the computer. It is integrated with Copilot AI so that the user can query actions taken or explore images and text.
The feature is intended mainly for users who use their PCs to program, work and edit in all its forms.
Microsoft told media that a hacker could not exfiltrate Copilot+ Recall activity remotely.
Reality: How do you think hackers are going to exfiltrate this plain text database of everything the user has ever viewed on their PC? Very easily, I automated it.
Detective HT pic.twitter.com/Njv2C9myxQ
– Kévin Beaumont (@GossiTheDog) May 30, 2024
This new feature will debut on Copilot+ PCs, which are coming at the end of the month, and some developers are already testing it on Arm-based Windows PCs. Thanks to this access, Kevin Beaumont was able to shed light on the privacy of this feature.
Microsoft makes it clear that Recall's AI processing runs entirely on the device and that no data is sent to company servers.
Easy access to the Recall folder
By capturing everything that appears on the screen every five seconds, Recall collects sensitive information from emails, chat messages and the websites that the user visits. And according to Microsoft documents, information such as user passwords or bank accounts is not hidden.
Kevin Beaumont goes on to explain that Recall extracts text from the screenshots and stores it in a database in the Windows AppData folder. And this is precisely where the worst problem lies: anyone using the PC can access this database, even without administrator privileges.
Infostealers, a type of malware used to extract passwords, could evolve to reach into the Recall database. This is especially true while the user is working on the PC, because at that time the data is decrypted and exposed, exactly the opposite of when the PC is turned off or no account is logged in and the data is protected by Windows BitLocker.
We will have to see whether this access is a circumstance of testing Recall on an Arm PC, and whether the new Copilot+ PCs from Microsoft and its partners offer more effective measures. Also, according to Android Authority, Microsoft has time to improve the confidentiality of a system that aims to be revolutionary in the use of a computer with Windows 11.