Intense criticism over Microsoft's artificial intelligence-powered Windows Recall feature — which was touted to capture active window screenshots on PCs using AI and a Neural Processing Unit — has prompted the integration of more robust default data protection and access controls, as well as an option for its removal from Windows systems, BleepingComputer reports.
Aside from reiterating its opt-in nature, Windows Recall was noted by Microsoft to have been enhanced with a sensitive information filter and malware defense systems, as well as an increased focus on user control, sensitive data encryption, service isolation, and intentional usage.
Microsoft also emphasized the usage of devices' Trusted Platform Modules to ensure the protection of encryption keys used for data collected by Windows Recall.
"Using VBS Enclaves with Windows Hello Enhanced Sign-in Security allows data to be briefly decrypted while you use the Recall feature to search. Authorization will time out and require the user to authorize access for future sessions. This restricts attempts by latent malware trying to 'ride along' with user authentication to steal data," said Microsoft Vice President for Enterprise and OS Security David Weston.
