Microsoft says its Recall app — which captures and stores screen shots every few seconds — is safe. Security researchers keep saying otherwise.
Recall was originally billed as a “photographic memory” to store everything Windows users do on their computers. People could then see some of those screen shots at a later time by searching the AI with plain-text queries such as “red barn.” (See illustration above.)
Select members of Microsoft’s exclusive Windows Insider program have had access to Recall for more than a year. Users of AI-enabled Copilot+ PCs started receiving Recall as an opt-in feature in April 2025, one year ago this month.
But since its debut, experts have repeatedly demonstrated that hackers can access the data Recall stores. This raises questions about whether a tool that records your entire digital life can ever be adequately secured. The situation is creating uncertainty about Microsoft’s plans to make Recall more widely available on all PCs.
Alexander Hagenah, executive director of SIX — a Zürich-based technology company that operates infrastructure for stock exchanges in Switzerland and Spain — described Recall’s security weaknesses in a LinkedIn post in April 2025. He also released an app he called TotalRecall that could “extract all captured windows and images taken by Recall … nothing encrypted, no rocket science needed.”
Joining other researchers, the University of Pennsylvania’s Office of Information Security released a warning on Apr. 14, 2025, about the version of Recall that was then available. The university’s announcement stated that Recall “introduces substantial and unacceptable security, legality, and privacy challenges” [emphasis in the original]. The statement added that administrators of “Windows environments at Penn are strongly urged” to disable Recall.
In response to criticisms such as these, Microsoft — to its credit — pulled back on its plans to roll out Recall to all Windows 11 PCs that met fairly high system requirements (including a neural processing unit and eight logical processors, according to an MS Learn document). Instead, the company announced in a blog update on June 13, 2024, that Recall would become available only to participants in the company’s much smaller Windows Insider program.
In the time since that decision, the fate of Recall has become even murkier. Journalist Zac Bowden wrote in a Windows Central blog post on Jan. 30, 2026, that Microsoft is “pulling back its Windows 11 AI push with a major Copilot and Recall rethink.”
The problem is that it’s tough for software engineers to make data ultra-convenient for end users to access while simultaneously securing it so it’s impervious to hackers.
It’s hard to remember that the company’s original goal was ease of use, now that Microsoft’s focus has changed to making the security of its screen-cap app impenetrable.
Microsoft says Recall blurs images of credit-card numbers, bank passwords, and other personal data — or doesn’t store them at all. But security experts are still not convinced.
After testing the latest version of Recall, Swiss technologist Hagenah recently issued a new proof-of-concept called “Total Recall Reloaded” on a GitHub page. In his comments, Hagenah said any malware running on a user’s PC can copy every Recall screen shot as it passes through in-process memory: “No admin required. Standard user. No kernel exploit.”
Hagenah has not publicly disclosed some security holes, saying he’s reported them to Microsoft and won’t release the technical details until the Redmond company has fixed the problems.
Already, malicious hackers have written code to take advantage of Recall’s screen shots. The malware can access Recall’s own memory to copy screen caps and send them to a faraway server. Hackers no longer need to write such code from scratch. (The procedure is described in a technical overview by cybersecurity writer Kevin Beaumont.)
At this writing, fewer than 10% of Windows 11 PCs can enable and run the current version of Recall. Microsoft representatives responded to my inquiries about plans for the app’s future availability by pointing to a Sept. 27, 2024, security update and an Apr. 25, 2025, blog post.