Close Menu
Canadian ReviewsCanadian Reviews
  • What’s On
  • Reviews
  • Digital World
  • Lifestyle
  • Travel
  • Trending
  • Web Stories
Trending Now
Swimwear experts highlight the latest looks for the pool or beach | Canada Voices

Swimwear experts highlight the latest looks for the pool or beach | Canada Voices

10th Jul: Miguel Ángel Blanco: The 48 Hours that Changed Spain (2026), 1hr 34m [TV-14] (6/10)

10th Jul: Miguel Ángel Blanco: The 48 Hours that Changed Spain (2026), 1hr 34m [TV-14] (6/10)

Mary Simon gets send-off at Governor General’s Performing Arts Awards, TELUS gala raises funds for youth | Canada Voices

Mary Simon gets send-off at Governor General’s Performing Arts Awards, TELUS gala raises funds for youth | Canada Voices

How Champagne producers maintain a consistent product from year to year despite warmer temperatures | Canada Voices

How Champagne producers maintain a consistent product from year to year despite warmer temperatures | Canada Voices

Accor Convenes Third Edition of the Global Leadership Council to Identify the Key Trends Driving Hospitality Performance in 2026

Accor Convenes Third Edition of the Global Leadership Council to Identify the Key Trends Driving Hospitality Performance in 2026

Carney heading to Alberta for Calgary Stampede

Carney heading to Alberta for Calgary Stampede

Jason Statham’s highest-rated action movie is completely free to stream now

Jason Statham’s highest-rated action movie is completely free to stream now

Facebook X (Twitter) Instagram
  • Privacy
  • Terms
  • Advertise
  • Contact us
Facebook X (Twitter) Instagram Pinterest Vimeo
Canadian ReviewsCanadian Reviews
  • What’s On
  • Reviews
  • Digital World
  • Lifestyle
  • Travel
  • Trending
  • Web Stories
Newsletter
Canadian ReviewsCanadian Reviews
You are at:Home » Microsoft faces fresh Windows Recall security concerns
Microsoft faces fresh Windows Recall security concerns
Digital World

Microsoft faces fresh Windows Recall security concerns

15 April 20264 Mins Read

When Microsoft tried to launch Recall, an AI-powered Windows feature that screenshots most of what you do on your PC, it was labeled a “disaster” for cybersecurity and a “privacy nightmare.” After the backlash and a year-long delay to redesign and secure Recall, it’s once again facing security and privacy concerns.

Cybersecurity expert Alexander Hagenah has created TotalRecall Reloaded, a tool that extracts and displays data from Recall. It’s an update to the TotalRecall tool that demonstrated all the weaknesses in the original Recall feature before Microsoft redesigned it.

Microsoft’s redesign focused on creating a secure vault for Recall data, with Windows Hello authentication and a secure environment through a Virtualization-based Security Enclave. Recall requires users to authenticate using a face or fingerprint to gain access to data and to enable snapshots to be recorded. “This restricts attempts by latent malware trying to ’ride along’ with a user authentication to steal data,” said Microsoft in a September 2024 blog post.

“My research shows that the vault is real, but the trust boundary ends too early,” says Hagenah. “TotalRecall Reloaded makes that ‘latent malware’ ride along.” The TotalRecall Reloaded tool can silently run in the background and activate the Recall timeline to force a user into authenticating with a Windows Hello prompt. Once the authentication has taken place, TotalRecall Reloaded can then extract everything that Windows Recall has ever captured. “That is precisely the scenario Microsoft’s architecture is supposed to restrict,” says Hagenah.

Recall stores much more than just screenshots, with the history of text that has appeared on your screen, messages, emails, documents, browsing history, and much more. Microsoft’s changes to Recall security came months after CEO Satya Nadella told employees “If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security.”

Hagenah responsibly disclosed his latest findings to Microsoft last month, but the company closed the report and said there was no vulnerability. “We appreciate Alexander Hagenah for identifying and responsibly reporting this issue. After careful investigation, we determined that the access patterns demonstrated are consistent with intended protections and existing controls, and do not represent a bypass of a security boundary or unauthorized access to data,” says David Weston, corporate vice president of Microsoft Security, in a statement to The Verge. “The authorization period has a timeout and anti-hammering protection that limit the impact of malicious queries.”

In messages to The Verge, Hagenah disputes Microsoft’s timeout protections. “I can re-poll the data, and what I am doing in my tool [is] to bypass it. And the timeout is patched out,” says Hagenah. “My biggest issue still is them saying in their official announcement that the enclave prevents ‘latent malware riding along,’ which it clearly doesn’t.”

TotalRecall Reloaded can also extract the latest cached Windows Recall screenshot without Windows Hello authentication, or totally wipe the entire capture history. But the type of malware that Hagenah describes could sit in the background on a PC and take screenshots anyway, with or without Windows Recall.

Microsoft doesn’t think there’s a vulnerability here because this is simply how Windows works. Regular user-mode processes have the ability to inject code into themselves as a normal and often legitimate behavior in Windows, but this flexibility also creates opportunities for abuse.

A similar infostealer malware could sit and extract 1Password data or your browsing history, if it was undetected by the various other Windows security tools and memory protection efforts. The bigger concern is that Recall stores a lot more sensitive data than just passwords or browsing history, and Microsoft’s original promise that Recall would protest against malware riding along in the background.

Despite the concerns, Microsoft got a lot right with its Recall redesign. “The VBS enclave is rock solid,” says Hagenah. “The authentication model is stateless and race-free (thousands of probes, zero bypasses).” Hagenah just thinks Microsoft could, and should, go a step further to meet its security design goals for Recall. “The fundamental problem isn’t the crypto, the enclave, the authentication, or the PPL,” he says. “It’s sending decrypted content to an unprotected process for rendering. The vault door is titanium. The wall next to it is drywall.”

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

  • Tom Warren

    Tom Warren

    Posts from this author will be added to your daily email digest and your homepage feed.

    See All by Tom Warren

  • Microsoft

    Posts from this topic will be added to your daily email digest and your homepage feed.

    See All Microsoft

  • Report

    Posts from this topic will be added to your daily email digest and your homepage feed.

    See All Report

  • Tech

    Posts from this topic will be added to your daily email digest and your homepage feed.

    See All Tech

  • Windows

    Posts from this topic will be added to your daily email digest and your homepage feed.

    See All Windows

Share. Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Telegram Email

Related Articles

Are you filthy enough for a 0 portable shower? 

Are you filthy enough for a $700 portable shower? 

Digital World 11 July 2026
The FCC is cracking down on DJI tech that dodged the foreign drone ban

The FCC is cracking down on DJI tech that dodged the foreign drone ban

Digital World 10 July 2026
No, Flock isn’t threatening people for debating surveillance

No, Flock isn’t threatening people for debating surveillance

Digital World 10 July 2026
Meta turns off the Instagram feature that let users make AI deepfakes of public accounts

Meta turns off the Instagram feature that let users make AI deepfakes of public accounts

Digital World 10 July 2026
Apple sues OpenAI for allegedly stealing hardware secrets

Apple sues OpenAI for allegedly stealing hardware secrets

Digital World 10 July 2026
I’m filling in at The Verge for 6 weeks. Ask me anything!

I’m filling in at The Verge for 6 weeks. Ask me anything!

Digital World 10 July 2026
Top Articles
The Mother May I Story – Chickpea Edition

The Mother May I Story – Chickpea Edition

18 May 202498 Views
How to Keep Your Business Finances Organized All Year Round

How to Keep Your Business Finances Organized All Year Round

3 October 202589 Views
LearnToTrade: A Comprehensive Look at the Controversial Trading School

LearnToTrade: A Comprehensive Look at the Controversial Trading School

28 April 202478 Views
Why Should a Couple in Love Visit an Escape Room?

Why Should a Couple in Love Visit an Escape Room?

30 September 202551 Views
Demo
Don't Miss
Carney heading to Alberta for Calgary Stampede
Lifestyle 11 July 2026

Carney heading to Alberta for Calgary Stampede

On the heels of his latest trip abroad, Prime Minister Mark Carney is heading to…

Jason Statham’s highest-rated action movie is completely free to stream now

Jason Statham’s highest-rated action movie is completely free to stream now

6 of the best summer food festivals worth a road trip from Toronto, Canada Reviews

6 of the best summer food festivals worth a road trip from Toronto, Canada Reviews

85 Funniest ‘What Do You Call?’ Jokes To Crack You Up

85 Funniest ‘What Do You Call?’ Jokes To Crack You Up

About Us
About Us

Canadian Reviews is your one-stop website for the latest Canadian trends and things to do, follow us now to get the news that matters to you.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks
Swimwear experts highlight the latest looks for the pool or beach | Canada Voices

Swimwear experts highlight the latest looks for the pool or beach | Canada Voices

10th Jul: Miguel Ángel Blanco: The 48 Hours that Changed Spain (2026), 1hr 34m [TV-14] (6/10)

10th Jul: Miguel Ángel Blanco: The 48 Hours that Changed Spain (2026), 1hr 34m [TV-14] (6/10)

Mary Simon gets send-off at Governor General’s Performing Arts Awards, TELUS gala raises funds for youth | Canada Voices

Mary Simon gets send-off at Governor General’s Performing Arts Awards, TELUS gala raises funds for youth | Canada Voices

Most Popular
Why You Should Consider Investing with IC Markets

Why You Should Consider Investing with IC Markets

28 April 202430 Views
OANDA Review – Low costs and no deposit requirements

OANDA Review – Low costs and no deposit requirements

28 April 2024362 Views
LearnToTrade: A Comprehensive Look at the Controversial Trading School

LearnToTrade: A Comprehensive Look at the Controversial Trading School

28 April 202478 Views
© 2026 ThemeSphere. Designed by ThemeSphere.
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact us

Type above and press Enter to search. Press Esc to cancel.