Security researcher Alexander Hagenah has released 'TotalRecall Reloaded,' a tool that bypasses Windows 11 Recall's security improvements by accessing its database through a side channel. The tool demonstrates that even with encryption and Windows Hello authentication, the Recall feature remains vulnerable to local extraction of sensitive user activity data. This highlights ongoing privacy risks in AI-powered features that continuously monitor user behavior.
Background
Windows Recall is an AI feature that captures screenshots of user activity to create a searchable history, which initially stored data unencrypted before security improvements. The original TotalRecall tool exposed these vulnerabilities in 2024, leading Microsoft to delay launch and add encryption protections.
- Source
- Ars Technica
- Published
- Apr 16, 2026 at 04:36 AM
- Score
- 7.0 / 10