Microsoft's 'Recall' Feature Will No Longer Be a Default Setting Due to Security Concerns

Microsoft's controversial new AI Recall feature will no longer be activated by default for Windows users, the company announced.

Recall, which was unveiled in May and is currently in preview, records every action taken by a user to help create more personalized queries in its AI-powered Copilot. While the new feature has been designed to improve the Copilot experience, some in the security community began to express possible concerns.

In an article posted to Medium (soft paywalled), security expert Kevin Beaumont broke down how, with just a few lines of code, Microsoft's newest Copilot feature could allow attackers to steal a user's entire PC usage history.  In his analysis, he said that, while the new feature would be useful to many, Microsoft's security track record would make this feature too risky for public use.

"I think it's an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn’t have these," Wrote Beaumont. "The work hasn’t been done properly to package it together, clearly."

Responding to feedback from Beaumont and others, along with disabling the feature by default, Microsoft said it is adding an additional "enrollment" level to use the service and enhancing Recall's security with "just in time" decryption, which uses Windows Hello Sign-In Security (ESS).  

It also laid out the current security settings for the Copilot feature. Recall, locally stores and processes snapshots without relying on Internet or cloud connections. These snapshots are never shared with Microsoft or other entities, and per-user encryption ensures privacy even on shared devices.

According to Microsoft, users will be clearly notified when Recall is saving snapshots, with icons visible on the taskbar and system tray. Digital rights managed content and InPrivate browsing data are excluded from snapshots.

Finally, users can manage their snapshots with options to pause, filter or delete them at any time, maintaining control over what is saved. For enterprise users, IT administrators can disable the snapshot-saving feature, but cannot enable it on behalf of users.

Microsoft also said the line of Copilot+ PCs, also announced last month, will come with additional security features, including hardware-level baked-in security, Microsoft Pluton security processor and Windows Hello ESS turned on by default.

"We are on a journey to build products and experiences that live up to our company mission to empower people and organizations to achieve more, and are driven by the critical importance of maintaining our customers’ privacy, security and trust. As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them," wrote Pavan Davuluri, corporate vice president, Windows + Devices. 

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

  • abstract smartphone translucent screen displaying AI interface

    Apple Unveils Redesigned Siri AI

    At its recent Worldwide Developers Conference, Apple announced Siri AI, a redesigned version of its voice assistant that Apple describes in its own announcement as "a profoundly more capable and personal assistant." The update is intended to make Siri more conversational, more context-aware, and more useful across iPhone, iPad, Mac, Apple Watch, and Vision Pro.

  • closeup of hands using smartphone to talk with ai chatbot

    Novakid Launches AI App for English-Speaking Practice

    Novakid, an online English learning platform for children, has launched NovaPals, an AI-powered conversational app for independent English-speaking practice.

  • abstract agentic ai data streams

    Rubrik Brings Agentic AI to Its Flagship Cyber Resilience Platform

    Rubrik has introduced Rubrik AI, positioning the company's cyber resilience platform around agentic operations across data, identity, and AI infrastructure.

  • Wi-Fi icon on dark blue circuit background

    FCC to Conduct 'Top-to-Bottom' Review of E-Rate Program

    The FCC is laying the groundwork for a comprehensive review of its E-Rate program, the federal initiative that provides K–12 schools and public libraries with discounts on internet, WiFi, and telecommunications services to ensure equitable digital access.