Cybersecurity researcher Kevin Beaumont has detailed vulnerabilities in Windows Recall, demonstrating how the feature can be exploited to steal unencrypted data with just two lines of code.
Microsoft's Copilot+ Recall feature for Windows 11, intended to boost productivity by continuously capturing and indexing screenshots, has raised controversy since its announcement, with many people calling Microsoft out for introducing significant security risks to the OS.
Beaumont's work shows that Microsoft's claims about the logged data being protected do not hold, and highlights the severe privacy and security risks a large number of users will have to deal with if the system is rolled out as is.
Major Recall flaws
Copilot+ Recall takes screenshots every few seconds, uses Azure AI to perform optical character recognition (OCR) on the images, and stores the resulting text in an SQLite database within the user's folder. While designed to help users quickly find past activities, this system inadvertently creates a comprehensive, searchable record of everything a user views on their PC, posing significant security risks.
Beaumont's investigation into Copilot+ Recall reveals several alarming issues like:
- Local Storage Risks: Although Microsoft claims that the data is processed and stored locally, Beaumont points out that encryption only protects data at rest. When a user is logged in, the data is decrypted and accessible, making it vulnerable to malicious software.
- Ease of Data Theft: InfoStealer trojans, which have long targeted browser credentials and other local data, can easily be adapted to extract data from the Recall database. Beaumont demonstrated that even standard infostealers can be modified to scrape this new, richer target.
- Inadequate User Control: Despite Microsoft's assurances, Beaumont found that users do not need administrative privileges to access the database. This lack of robust access control further exacerbates the risk.
- Sensitive Data Exposure: The Recall database captures all screen content, including passwords, financial information, and private communications. This data remains even if messages are deleted from their original apps.
Beaumont highlights the ease with which malicious actors can exploit this feature. By running a simple script, hackers can access and exfiltrate the Recall database. During his tests, Beaumont showed that it takes mere seconds to extract months' worth of data, which can then be searched and analyzed remotely.
The potential for abuse of the Recall feature is immense. With the ability to scrape detailed user data automatically, attackers can orchestrate large-scale data breaches, compiling extensive personal information without the knowledge of the affected companies or individuals.
Recommendations
Until Microsoft addresses these critical vulnerabilities, users and organizations must take proactive steps to protect their data, including:
- Turning off Recall entirely through the Windows settings by navigating to Settings > Privacy & Security > Recall & Snapshots.
- Periodically reviewing and deleting snapshots, especially those containing sensitive information.
- Using the available options to prevent Recall from recording specific apps and websites.
Organizations should also configure policies to disable or limit Recall's functionality until comprehensive risk assessments are conducted. IT administrators can use the "Turn off saving snapshots for Windows" policy to manage the setting across enterprise devices.
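As an added example (not part of the article or of Beaumont's research), the following PowerShell script applies and verifies the "Turn off saving snapshots for Windows" policy on a single device. It assumes the policy is backed by the DWORD value DisableAIDataAnalysis = 1 under HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsAI, as Microsoft's Recall policy documentation describes, and that it is run from an elevated session; the function names are the author's own.

```powershell
# Added example: apply and verify the Windows policy that turns off Recall snapshot saving.
# Assumption: the policy maps to DWORD DisableAIDataAnalysis = 1 under the WindowsAI
# policy key (per Microsoft's Recall documentation). Run as an administrator.

$PolicyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsAI'
$PolicyValue = 'DisableAIDataAnalysis'

function Get-RecallPolicyState {
    # Returns 'Disabled' when the policy blocks snapshot saving,
    # 'NotConfigured' when the value is absent, and 'Enabled' otherwise.
    $item = Get-ItemProperty -Path $PolicyKey -Name $PolicyValue -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    if ($item.$PolicyValue -eq 1) { return 'Disabled' }
    return 'Enabled'
}

function Set-RecallSnapshotsOff {
    # Creates the policy key if it does not exist and sets the value that
    # turns off snapshot saving for every user on the device.
    if (-not (Test-Path $PolicyKey)) {
        New-Item -Path $PolicyKey -Force | Out-Null
    }
    New-ItemProperty -Path $PolicyKey -Name $PolicyValue -PropertyType DWord -Value 1 -Force | Out-Null
}

$before = Get-RecallPolicyState
Write-Host "Recall snapshot policy before: $before"

if ($before -ne 'Disabled') {
    Set-RecallSnapshotsOff
    Write-Host "Recall snapshot policy after:  $(Get-RecallPolicyState)"
} else {
    Write-Host 'Policy already in place; no change made.'
}
```

Get-RecallPolicyState on its own is the check a compliance or endpoint-audit script would run across a fleet; the same value is what Group Policy (Computer Configuration > Administrative Templates > Windows Components > Windows AI) or an MDM policy writes when the setting is deployed centrally, so a device reporting anything other than 'Disabled' is one where the policy has not landed.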