More than a year after its debut, Microsoft’s Recall feature remains a source of serious concern among cybersecurity experts, with researchers continuing to demonstrate that the app’s stored data can be accessed by hackers despite the company’s assurances that it is safe.
Recall was originally introduced as a kind of photographic memory for Windows users, capturing screenshots every few seconds and storing them so users could later search their digital activity using plain-language queries. It was billed as a flagship feature of Microsoft’s AI-enabled Copilot+ PCs and began rolling out as an opt-in feature to those devices in April 2025. At the time, Microsoft described it as a secure tool that blurs sensitive information such as credit card numbers and bank passwords, or avoids storing them altogether.
Security researchers have repeatedly challenged that characterisation. Alexander Hagenah, executive director of SIX, a Zurich-based technology company that operates stock exchange infrastructure in Switzerland and Spain, published a detailed account of Recall’s security weaknesses in April 2025 and released a tool he called TotalRecall that could extract all images captured by Recall with no encryption barriers and no advanced technical knowledge required. The University of Pennsylvania’s Office of Information Security issued a warning the same month, describing Recall as introducing “substantial and unacceptable security, legality, and privacy challenges” and urging administrators of Windows environments at the university to disable the feature entirely.
In response to that criticism, Microsoft scaled back its rollout plans, restricting Recall access to participants in its much smaller Windows Insider programme rather than deploying it across all compatible Windows 11 machines. But the concerns have not gone away. Hagenah recently published a new proof-of-concept tool called Total Recall Reloaded, demonstrating that malware running on a user’s PC can copy every Recall screenshot as it passes through in-process memory without requiring administrator access or a kernel exploit. He noted that he has reported additional undisclosed vulnerabilities to Microsoft and will not release the technical details until they are patched.
Malicious actors have already begun writing code to exploit Recall’s screenshot data, with some malware capable of accessing Recall’s own memory to copy screen captures and transmit them to remote servers. Security writer Kevin Beaumont has published a technical overview of how the procedure works, and pre-written code to carry it out is now circulating.
The fundamental tension at the heart of Recall’s problems is one that software engineers have long struggled to resolve. Making data highly convenient for users to access and making it impervious to outside attack are competing goals, and Microsoft has found that the gap between them is difficult to close without compromising one or the other. As of now, fewer than 10% of Windows 11 PCs can enable and run the current version of Recall, and reports indicate Microsoft is reassessing its broader AI push on Windows, with a significant rethink of both Copilot and Recall reportedly underway.
