Privacy Concerns Arise Over Recall Feature in Windows 11 Due to Malware

Microsoft promoted Recall as essentially a new type of search engine. For example, if you wanted to revisit a document, video, or webpage but can’t remember where you saw it, you can enter what you remember into a text interface. Windows will then use AI to find what you are looking for.

Recall’s Potential Benefits vs. Privacy Concerns

Recall offers a promising solution for those who often find themselves lost in the digital maze of documents and media. Imagine having a personal assistant that can instantly locate any piece of information you've interacted with, simply based on your recollection. However, this convenience comes with significant privacy concerns. The idea of a PC recording everything you do just seems creepy, even if all your activities are entirely innocent. Adding to this concern is that the Recall feature in the Windows 11 24H2 Build, which Microsoft hasn’t yet generally released, has already been compromised. It further underscores the idea that using the Recall feature poses significant risks.

Malware and Access Risks

Despite these reassurances, there are undeniable risks associated with using the Recall feature. Imagine a user accidentally clicks on a malicious link and installs malware on their Windows 11 PC. Generally, malware operates with the same permissions and within the same security context as the user who installed it. In theory, malware could interact with the Recall history programmatically, perhaps by silently submitting Recall queries in the background.

Prevailing wisdom suggests that malware cannot directly access the screen capture repository, as accessing the repository requires local administrative credentials. However, a recent blog post on Tyranid’s Lair explains that it would be relatively easy for a cybercriminal to gain access without administrative credentials. The blog post notes that since the user who creates the files owns them, you can rewrite the DACLs (discretionary access control list) to gain access without needing admin rights. The blog post also outlines another method involving opening an instance of AIXHost.exe, copying its token, and using the security token to gain access to the screen capture repository.

Even if the Recall feature were secure, the idea of a PC recording everything you do just seems creepy, even if all your activities are entirely innocent. Adding to this concern is that the Recall feature in the Windows 11 24H2 Build, which Microsoft hasn’t yet generally released, has already been compromised. It further underscores the idea that using the Recall feature poses significant risks.

Update: 02 Jul 2024

Ultra Recall download for free to PC or mobile

Latest update Ultra Recall download for free for Windows PC or Android mobile

695 reviews

2794 downloads

News and reviews about Ultra Recall

14 May 2025

Mandatory Windows 11 Update Activates AI Screen Recall

Microsoft's Windows 11 update includes mandatory Recall activation, raising privacy concerns as it captures screen snapshots automatically. Consider the security implications.

05 May 2025

Microsoft's Launch of Recall Sparks Privacy Concerns

Microsoft unveils Recall, an AI feature capturing desktop snapshots. Users can disable it via settings, but the integration and security concerns evoke caution.

29 Apr 2025

Microsoft Relaunches Controversial AI Tool with Updates

Microsoft has announced the relaunch of Recall, an AI-powered tool that continuously records PC activities by taking screenshots. Despite improved security measures, experts remain concerned about privacy risks.

28 Apr 2025

Microsoft Relaunches Recall Feature for AI-Driven PCs

Microsoft reintroduces its Recall feature for Copilot+ PCs, assuring users of data security while operating locally, yet faces competition from improved search alternatives.

25 Apr 2025

Microsoft Unveils AI-Powered Search Features for Windows

Microsoft introduces Recall for Copilot Plus PCs, featuring AI-enhanced search and Click to Do capability. New tools aim to improve user experience by enabling natural language queries and interactive functionalities.

25 Apr 2025

Microsoft Introduces Windows Recall Amid Privacy Concerns

Microsoft unveils Windows Recall on Copilot+ PCs, sparking debates on privacy. The feature stores screenshots in a searchable database and includes enhanced security measures, user opt-in requirements, and a removable option.

11 Mar 2025

Windows Recall Enhances Productivity by Tracking PC Use

Windows Recall boosts productivity by capturing screen snapshots, logging activity, and offering seamless task resumption and organization.

04 Sep 2024

Microsoft Confirms Windows Recall Feature Cannot Be Uninstalled

Microsoft confirms its Windows Recall feature will be non-uninstallable, despite earlier suggestions. Available only on Copilot+ PCs with advanced NPUs, the feature allows users to retrieve past activities via periodic screenshots. Security concerns have arisen, but Microsoft assures local-only access.

04 Sep 2024

Microsoft Confirms Recall Feature Permanent on Windows 11, Fixes Bug

Microsoft's KB5041865 update for Windows 11 mistakenly included an option to uninstall the Recall feature. Microsoft clarified this as a bug and confirmed Recall will be permanent but can be disabled. The error will be corrected in a future update, according to senior product manager Brandon LeBlanc.

02 Sep 2024

Microsoft Postpones Windows 11 Recall Feature Amid Privacy Concerns

Windows 11 users face issues with the "Recall" feature, which captures screenshots of user activity. Microsoft clarified that Recall was incorrectly listed as uninstallable and will be fixed. Concerns about data privacy have led to Recall being opt-in by default. The rollout is postponed to October for further testing.