Microsoft's New Recall Feature Exposed as a Security Risk

6/12/2024, 5:24 PM

New Discovery: Hackers can access historical data of the AI function without admin rights – feature criticized as a 'dumpster fire'.

Eulerpool News Jun 12, 2024, 5:24 PM

Microsoft's CEO Satya Nadella has praised the new "Recall" feature, which stores a history of the computer desktop and makes it available for AI analysis, as a "photographic memory" for the PC. Within the cybersecurity community, however, this feature is criticized as a "hacker's dream" and one of the worst product ideas in recent times.

Sicherheitslücken in der Recall-Funktion entdeckt

On Wednesday, security researchers released new findings that show even Recall's remaining security measures can be easily bypassed. James Forshaw, a researcher at Google's Project Zero, outlined two methods in a blog post on how to circumvent admin privileges and access Recall data. "No admin required ;-)," Forshaw concluded in his post.

Forshaw explained that one of the methods involves temporarily impersonating a program on Windows machines called AIXHost.exe, which can access restricted databases. The simpler method involves rewriting the access control lists on a target device to grant oneself access to the entire database.

Reaktionen und Konsequenzen

Alex Hagenah, a cybersecurity strategist, was surprised by the simplicity of the methods. Hagenah had recently developed a proof-of-concept tool called TotalRecall, which demonstrated how an attacker could extract recall data. Until now, his tool required administrator privileges to function. With Forshaw's methods, this is no longer necessary.

These revelations amplify concerns that Recall essentially functions as pre-installed spyware on a user's device and can be easily exploited by hackers. Dave Aitel, founder of cybersecurity firm Immunity, emphasized: 'It makes your security very fragile since anyone who compromises your device for just a second can view your entire history.'

Microsofts Antwort bleibt aus

Certainly! Here is the translated heading in English:

"Until now, Recall has been tested in preview versions before its official introduction later this month. Microsoft plans to enable the feature by default on compatible Copilot+ PCs. Despite inquiries, Microsoft has so far not responded to Forshaw's findings.

Jake Williams, former NSA hacker and now VP of R&D at the cybersecurity consultancy Hunter Strategy, expressed strong concerns: "This is one of the scariest cases I've ever seen from a corporate security perspective." He criticized that the feature was obviously released without proper review by Microsoft's cybersecurity team.

These recent revelations highlight the need for careful security assessment of new technologies and the potential risks associated with their implementation.

Access the world's leading financial data and tools

Subscribe for $2

News

Business

AllianceBernstein sues Switzerland over AT1 bond write-down of 225 million dollars

Markets

eToro plans IPO in the USA – Valuation could exceed 3.5 billion dollars

AI

OpenAI ushers in a wave of new AI products and features with "Shipmas

Wealth

Cum-ex whistleblower Eckart Seith in court again – Swiss judiciary raises allegations

Politics

EU seeks dialogue with Elon Musk: New digital strategy after public dispute