Cybersecurity

Potential malware compromise of data from Microsoft’s Recall feature detailed


Microsoft’s new “Recall” feature, an artificial intelligence-powered functionality enabling the logging of past user activity in its recently introduced Copilot+ PCs, was regarded by cybersecurity researchers as vulnerable to cyberattacks that could compromise its stored data, Security Affairs reports.

While Microsoft emphasized that remote hacking of Recall is unlikely, information-stealing malware could be configured to exfiltrate data stored by the feature, according to cybersecurity expert Kevin Beaumont. Information collected by Recall was also noted by cybersecurity researcher Alex Hagenah to be “unencrypted,” contrary to Microsoft’s claims, with his TotalRecall proof-of-concept tool having been able to automate the capturing of Recall snapshots, all of which are in plain text.

“Windows Recall stores everything locally in an unencrypted SQLite database, and the screenshots are simply saved in a folder on your PC,” Hagenah added. Such a development should prompt Microsoft to delay the launch of Recall to ensure the security of stored data.



Source

Related Articles

Back to top button