Microsoft Will Disable Default 'Recall' Feature Due to Security Concerns

Microsoft's controversial new Recall feature (currently in preview) will not be activated by default for Windows users, the company announced.

Recall, which was unveiled in May, records every action taken by a user to help create more personalized queries in its AI-powered Copilot. While the new feature has been designed to improve the Copilot experience, some in the security community began to express possible concerns.

In an article posted to Medium (soft paywalled), security expert Kevin Beaumont broke down how, with just a few lines of code, Microsoft's newest Copilot feature could allow attackers to steal a user's entire PC usage history.  In his analysis, he said that, while the new feature would be useful to many, Microsoft's security track record would make this feature too risky for public use.

"I think it's an interesting entirely, really optional feature with a niche initial user base that would require incredibly careful communication, cybersecurity, engineering and implementation. Copilot+ Recall doesn’t have these," Wrote Beaumont. "The work hasn’t been done properly to package it together, clearly."

Responding to feedback from Beaumont and others, along with disabling the feature by default, Microsoft said it is adding an additional "enrollment" level to use the service and enhancing Recall's security with "just in time" decryption, which uses Windows Hello Sign-In Security (ESS).  

It also laid out the current security settings for the Copilot feature. Recall, locally stores and processes snapshots without relying on Internet or cloud connections. These snapshots are never shared with Microsoft or other entities, and per-user encryption ensures privacy even on shared devices.

According to Microsoft, users will be clearly notified when Recall is saving snapshots, with icons visible on the taskbar and system tray. Digital rights managed content and InPrivate browsing data are excluded from snapshots.

Finally, users can manage their snapshots with options to pause, filter or delete them at any time, maintaining control over what is saved. For enterprise users, IT administrators can disable the snapshot-saving feature, but cannot enable it on behalf of users.

Microsoft also said the line of Copilot+ PCs, also announced last month, will come with additional security features, including hardware-level baked-in security, Microsoft Pluton security processor and Windows Hello ESS turned on by default.

"We are on a journey to build products and experiences that live up to our company mission to empower people and organizations to achieve more, and are driven by the critical importance of maintaining our customers’ privacy, security and trust. As we always do, we will continue to listen to and learn from our customers, including consumers, developers and enterprises, to evolve our experiences in ways that are meaningful to them," wrote Pavan Davuluri, corporate vice president, Windows + Devices. 

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

  • Complete College America Launches Center to Boost Data-Driven Student Success Strategies

    National nonprofit Complete College America (CCA) recently launched the Center for Leadership, Institutional Metrics, and Best Practices (CLIMB), with the goal of helping higher education institutions use data-driven strategies to improve student outcomes.

  • teacher

    6 Policy Recommendations for Incorporating AI in the Classroom

    The Southern Regional Education Board's Commission on AI in Education has published six recommendations for states on adopting artificial intelligence in schools, colleges, and universities. The guidance marks the commission's first release since it was established last February, with more recommendations planned in the coming year.

  • computer screen displaying a landline phone being unplugged from a single cord, with a modern office desk, keyboard, and subtle lighting in the background

    Microsoft to Discontinue Skype Services

    Microsoft has announced that it is shutting down service for its Skype telecommunications and video calling services on May 5, 2025.

  • Two figures, one male and one female, stand beside a transparent digital interface displaying AI symbols like neural networks, code, and a shield, against a clean blue gradient background.

    Report Makes Business Case for Responsible AI

    A new report commissioned by Microsoft and published last month by research firm IDC notes that 91% of organizations use AI tech and expect more than a 24% improvement in customer experience, business resilience, sustainability, and operational efficiency due to AI in 2024.