Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Microsoft’s Xbox PC app adds Steam games and access to other stores

    September 16, 2025

    Amazon’s October Prime Day sale is happening on October 7th

    September 16, 2025

    The unbearable sameness of Liquid Glass

    September 15, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » Microsoft’s Recall Feature Is Even More Hackable Than You Thought
    Security

    Microsoft’s Recall Feature Is Even More Hackable Than You Thought

    News RoomBy News RoomJune 10, 20243 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    Microsoft’s CEO Satya Nadella has hailed the company’s new Recall feature, which stores a history of your computer desktop and makes it available to AI for analysis, as “photographic memory” for your PC. Within the cybersecurity community, meanwhile, the notion of a tool that silently takes a screenshot of your desktop every five seconds has been hailed as a hacker’s dream come true and the worst product idea in recent memory.

    Now, security researchers have pointed out that even the one remaining security safeguard meant to protect that feature from exploitation can be trivially defeated.

    Since Recall was first announced last month, the cybersecurity world has pointed out that if a hacker can install malicious software to gain a foothold on a target machine with the feature enabled, they can quickly gain access to the user’s entire history stored by the function. The only barrier, it seemed, to that high-resolution view of a victim’s entire life at the keyboard was that accessing Recall’s data required administrator privileges on a user’s machine. That meant malware without that higher-level privilege would trigger a permission pop-up, allowing users to prevent access, and that malware would also likely be blocked by default from accessing the data on most corporate machines.

    Then on Wednesday, James Forshaw, a researcher with Google’s Project Zero vulnerability research team, published an update to a blog post pointing out that he had found methods for accessing Recall data without administrator privileges—essentially stripping away even that last fig leaf of protection. “No admin required ;-)” the post concluded.

    “Damn,” Forshaw added on Mastodon. “I really thought the Recall database security would at least be, you know, secure.”

    Forshaw’s blog post described two different techniques to bypass the administrator privilege requirement, both of which exploit ways of defeating a basic security function in Windows known as access control lists that determine which elements on a computer require which privileges to read and alter. One of Forshaw’s methods exploits an exception to those control lists, temporarily impersonating a program on Windows machines called AIXHost.exe that can access even restricted databases. Another is even simpler: Forshaw points out that because the Recall data stored on a machine is considered to belong to the user, a hacker with the same privileges as the user could simply rewrite the access control lists on a target machine to grant themselves access to the full database.

    That second, simpler bypass technique “is just mindblowing, to be honest,” says Alex Hagenah, a cybersecurity strategist and ethical hacker. Hagenah recently built a proof-of-concept hacker tool called TotalRecall designed to show that someone who gained access to a victim’s machine with Recall could immediately siphon out all the user’s history recorded by the feature. Hagenah’s tool, however, still required that hackers find another way to gain administrator privileges through a so-called “privilege escalation” technique before his tool would work.

    With Forshaw’s technique, “you don’t need any privilege escalation, no pop-up, nothing,” says Hagenah. “This would make sense to implement in the tool for a bad guy.”

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleKeychron’s Q1 HE Marks a Turning Point for Mechanical Keyboards
    Next Article Leaked Google Pixel Watch 3 renders suggest it will get thicker but not bigger

    Related Posts

    A New Platform Offers Privacy Tools to Millions of Public Servants

    September 15, 2025

    Apple’s Big Bet to Eliminate the iPhone’s Most Targeted Vulnerabilities

    September 13, 2025

    Defense Department Scrambles to Pretend It’s Called the War Department

    September 12, 2025

    US Investment in Spyware Is Skyrocketing

    September 11, 2025

    Cindy Cohn Is Leaving the EFF, but Not the Fight for Digital Rights

    September 11, 2025

    Massive Leak Shows How a Chinese Company Is Exporting the Great Firewall to the World

    September 10, 2025
    Our Picks

    Amazon’s October Prime Day sale is happening on October 7th

    September 16, 2025

    The unbearable sameness of Liquid Glass

    September 15, 2025

    OpenAI Ramps Up Robotics Work in Race Toward AGI

    September 15, 2025

    Facebook gave our data to Cambridge Analytica and all I got was this $38.36

    September 15, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    The Supreme Court is Google’s last hope to avoid an Epic reckoning in October

    By News RoomSeptember 15, 2025

    4. For a period of three years ending on November 1, 2027, Google may not…

    Meta leaks its new smart glasses with a display

    September 15, 2025

    ‘Hades II’ Is Coming to Nintendo Switch This Month

    September 15, 2025

    Google thinks it can have AI summaries and a healthy web, too

    September 15, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.