Initially, administrative privileges were required to access stored data, but Google researcher James Forshaw discovered ways to bypass this requirement.
Forshaw’s methods effectively bypass Recall’s last protections by leveraging ACL exceptions and user privileges. Cybersecurity strategist Alex Hagenach confirmed Forshaw’s findings, showing that hackers can now access Recall data without the need for elevated privileges.
This raises concerns that Recall could work to install spyware, allowing hackers to obtain all user data by having brief access to a device. Critics argue that this feature was brought to market without proper security testing, contrary to Microsoft’s stated “security priority”.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
