Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    The AI Industry’s Scaling Obsession Is Headed for a Cliff

    October 17, 2025

    Meta finally announces parental controls for teen AI use on Instagram

    October 17, 2025

    More Evidence Emerges That One of Saturn’s Moons Could Harbor Life

    October 17, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » Microsoft’s Recall Feature Is Even More Hackable Than You Thought
    Security

    Microsoft’s Recall Feature Is Even More Hackable Than You Thought

    News RoomBy News RoomJune 10, 20243 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    Microsoft’s CEO Satya Nadella has hailed the company’s new Recall feature, which stores a history of your computer desktop and makes it available to AI for analysis, as “photographic memory” for your PC. Within the cybersecurity community, meanwhile, the notion of a tool that silently takes a screenshot of your desktop every five seconds has been hailed as a hacker’s dream come true and the worst product idea in recent memory.

    Now, security researchers have pointed out that even the one remaining security safeguard meant to protect that feature from exploitation can be trivially defeated.

    Since Recall was first announced last month, the cybersecurity world has pointed out that if a hacker can install malicious software to gain a foothold on a target machine with the feature enabled, they can quickly gain access to the user’s entire history stored by the function. The only barrier, it seemed, to that high-resolution view of a victim’s entire life at the keyboard was that accessing Recall’s data required administrator privileges on a user’s machine. That meant malware without that higher-level privilege would trigger a permission pop-up, allowing users to prevent access, and that malware would also likely be blocked by default from accessing the data on most corporate machines.

    Then on Wednesday, James Forshaw, a researcher with Google’s Project Zero vulnerability research team, published an update to a blog post pointing out that he had found methods for accessing Recall data without administrator privileges—essentially stripping away even that last fig leaf of protection. “No admin required ;-)” the post concluded.

    “Damn,” Forshaw added on Mastodon. “I really thought the Recall database security would at least be, you know, secure.”

    Forshaw’s blog post described two different techniques to bypass the administrator privilege requirement, both of which exploit ways of defeating a basic security function in Windows known as access control lists that determine which elements on a computer require which privileges to read and alter. One of Forshaw’s methods exploits an exception to those control lists, temporarily impersonating a program on Windows machines called AIXHost.exe that can access even restricted databases. Another is even simpler: Forshaw points out that because the Recall data stored on a machine is considered to belong to the user, a hacker with the same privileges as the user could simply rewrite the access control lists on a target machine to grant themselves access to the full database.

    That second, simpler bypass technique “is just mindblowing, to be honest,” says Alex Hagenah, a cybersecurity strategist and ethical hacker. Hagenah recently built a proof-of-concept hacker tool called TotalRecall designed to show that someone who gained access to a victim’s machine with Recall could immediately siphon out all the user’s history recorded by the feature. Hagenah’s tool, however, still required that hackers find another way to gain administrator privileges through a so-called “privilege escalation” technique before his tool would work.

    With Forshaw’s technique, “you don’t need any privilege escalation, no pop-up, nothing,” says Hagenah. “This would make sense to implement in the tool for a bad guy.”

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleKeychron’s Q1 HE Marks a Turning Point for Mechanical Keyboards
    Next Article Leaked Google Pixel Watch 3 renders suggest it will get thicker but not bigger

    Related Posts

    A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

    October 16, 2025

    North Korean Scammers Are Doing Architectural Design Now

    October 16, 2025

    ICE Wants to Build Out a 24/7 Social Media Surveillance Team

    October 14, 2025

    Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

    October 14, 2025

    ‘Happy Gilmore’ Producer Buys Spyware Maker NSO Group

    October 14, 2025

    Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

    October 14, 2025
    Our Picks

    Meta finally announces parental controls for teen AI use on Instagram

    October 17, 2025

    More Evidence Emerges That One of Saturn’s Moons Could Harbor Life

    October 17, 2025

    Anthropic connects Claude to Microsoft Teams, Outlook, and OneDrive

    October 17, 2025

    AT&T is raising home internet prices for the second year in a row

    October 17, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    MacBook Pro rumor points to OLED, touchscreen upgrades next year

    By News RoomOctober 16, 2025

    For several years, Gurman has said that, according to his sources, the next major MacBook…

    Amazon shares a ‘first look’ at new nuclear facility

    October 16, 2025

    A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

    October 16, 2025

    Apple TV and Peacock announce a discounted $15 monthly subscription bundle

    October 16, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.