Microsoft delays roll-out of Windows Recall feature after pressure from security community
Microsoft admits it needs more time to iron out security wrinkles in its much-maligned Windows Recall capability


Windows Recall feature will no longer be part of the official launch of its new Copilot + PC range after security concerns forced Microsoft to hold the feature back for further testing.
On 20 May 2024, Microsoft sparked uproar among security and privacy experts after it announced the AI-powered feature that would continually record users’ devices, including sensitive information, to allow users to search back through their activities.
In an update to a company blog post initially announcing changes to the feature, Pavan Davuluri, VP for Windows and devices, said the wider release of Recall will be pushed back as it conducts further security testing.
The initial changes to the roll out of Recall gave users a clearer opt-in choice, meaning the capability will be turned off by default on Copilot + PCs, as well as adding additional security layers.
The additional security layers included extra data protection features such as ‘just in time’ decryption protected by Windows Hello Enhanced Sign-in Security (ESS), meaning images captured by Recall are only decrypted and accessible after authentication by the user.
Windows Recall to undergo further testing
The latest update pushing Recall back stated that “following feedback on Recall”, the feature will undergo further testing in its open software testing program before it is made generally available.
“We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security”, wrote Davuluri.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
“This decision is rooted in our commitment to providing a trusted, secure and robust experience for all customers and to seek additional feedback prior to making the feature available to all Copilot + PC users.”
RELATED WHITEPAPER
This update shows Microsoft feels it needs more time to get on top of Recall’s security issues before the wider release of its Copilot + hardware devices. This means Recall will not be available to the public, but will be made available to test in the Windows Insider Program “in the coming weeks”.
“When Recall (preview) becomes available in the Windows Insider Program, we will publish a blog post with details on how to get the preview.”
Solomon Klappholz is a former Staff Writer at ITPro adn ChannelPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
So long, Defender VPN: Microsoft is scrapping the free-to-use privacy tool over low uptake
News Defender VPN, Microsoft's free virtual private network, is set for the scrapheap, so you might want to think about alternative services.
By Nicole Kobie Published
-
Hackers are on a huge Microsoft 365 password spraying spree – here’s what you need to know
News A botnet made up of 130,000 compromised devices has been conducting a huge password spraying campaign targeting Microsoft 365 accounts.
By Solomon Klappholz Published
-
Everything you need to know about the Microsoft Power Pages vulnerability
News A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
By Solomon Klappholz Published
-
Microsoft is increasing payouts for its Copilot bug bounty program
News Microsoft has expanded the bug bounty program for its Copilot lineup, boosting payouts and adding coverage of WhatsApp and Telegram tools.
By Nicole Kobie Published
-
Hackers are using this new phishing technique to bypass MFA
News Microsoft has warned that a threat group known as Storm-2372 has altered its tactics using a specific ‘device code phishing’ technique to bypass MFA and steal access tokens.
By Solomon Klappholz Published
-
A new phishing campaign is exploiting Microsoft’s legacy ADFS identity solution to steal credentials and bypass MFA
News Researchers at Abnormal Security have warned of a new phishing campaign targeting Microsoft's Active Directory Federation Services (ADFS) secure access system.
By Solomon Klappholz Published
-
Hackers are using Microsoft Teams to conduct “email bombing” attacks
News Experts told ITPro that tactics like this are on the rise, and employees must be trained effectively
By George Fitzmaurice Published
-
Microsoft files suit against threat actors abusing AI services
News Cyber criminals are accused of using stolen credentials for an illegal hacking as a service operation
By Solomon Klappholz Published