As the preview release of Windows Recall approaches, Microsoft is proactively addressing security concerns surrounding this innovative feature. Designed for the new Microsoft Copilot+ PCs, Recall was first introduced at the Build conference in May. This feature leverages artificial intelligence to capture snapshots of user interactions, creating a searchable history that enhances the user experience.
Initially slated for a June launch alongside the first wave of Copilot+ PCs, the rollout of Recall faced delays due to significant privacy and security apprehensions. In response, Microsoft opted to postpone the preview until October, taking the opportunity to fortify the feature against potential vulnerabilities.
Enhanced Security Measures
To ensure user safety, Microsoft has implemented an opt-in model for Recall, complemented by additional encryption layers and the requirement of Windows Hello for access. In a recent blog post, David Weston, Microsoft’s head of enterprise and OS security, elaborated on the security architecture that underpins Recall. He highlighted the use of virtualization-based security (VBS) enclaves, which function as secure environments that can only be accessed through Windows Hello.
“VBS Enclaves utilize the same hypervisor as Azure to create a protected segment of the computer’s memory,” Weston explained. “By adhering to Zero Trust principles, code within these enclaves employs cryptographic attestation protocols to ensure a secure environment before executing sensitive tasks, such as processing snapshots.”
[Figure: Windows Recall’s security architecture. Source: Microsoft]
Most of Recall’s architecture operates within a VBS enclave, safeguarding it from unauthorized access. Components outside the enclave, while deemed untrusted, do not have direct access to snapshots or encryption keys. Instead, they receive data only after it has been authorized by the enclave.
Additionally, Recall offers users a range of privacy settings to customize their experience. Users can opt to exclude specific applications or websites, delete individual snapshots or groups of them, halt ongoing snapshots, and determine the retention period for stored snapshots. Notably, Recall does not capture data from in-private browsing sessions and automatically filters out sensitive information, such as credit card numbers and passwords.
Weston reassured users that Recall does not share snapshots or associated data with Microsoft or third parties, nor does it allow sharing between different Windows users on the same device. However, some diagnostic data may be transmitted to Microsoft based on user privacy settings.
To ensure Recall’s reliability, Microsoft conducted thorough internal and third-party design reviews, alongside penetration testing. The feature was also evaluated against Microsoft’s Responsible AI Standard.
“The secure design and implementation of Recall provide a comprehensive set of controls against known threats,” Weston stated. “Microsoft remains dedicated to harnessing the power of AI while prioritizing security and privacy, even in the face of sophisticated attacks.”