Cyber Security Today, June 10, 2024 – Microsoft backs down on Recall

Share post:

Microsoft backs down on Recall.

Welcome to Cyber Security Today. It’s Monday, June 10th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Microsoft has given in to overwhelming negative comments by security and privacy pros to its upcoming Windows 11 Recall feature. That feature would by default take and store screenshots every five seconds of whatever a user or employee is doing PCs. That could include plaintext passwords being entered as well as sensitive websites users visit. The goal is to help users recall websites they’ve been to. But while Recall’s data store is supposed to be saved encrypted on each person’s computer and not in the cloud, experts complained it would still be a great security risk. So on Friday Microsoft announced that Recall will be off by default. Second, to turn Recall on and laster to decrypt the storage a user has to be enrolled in the Windows Hello user identification and access management capability. And third, to search Recall a user will have to show proof of presence on the computer. In other words, a remote hacker can’t get to it. Recall will only run on PCs designated Copilot+ that have certain processors.

It’s easy to publish a malicious Visual Studio extension that could infect companies in Microsoft’s VSCode marketplace, say three Israeli researchers. The marketplace is used by developers to get tools and utilities for applications built with Visual Studio. As a test of the marketplace’s security the researchers created an extension that spoofed the name of a legitimate extension. It copied decriptive information about the computer used by whoever downloaded their tool. Pretty innocent, but it gave proof the tactic works. One victim apparently worked for a multi-billion dollar company. The Bleeping Computer news service, which reported on this, asked Microsoft for comment. As of Sunday morning it hadn’t heard back.

Texas has launched an investigation into allegations several unnamed car manufactures have been secretly collecting mass amounts of data from vehicles and selling it to third parties, including insurance companies. Manufacturers and anyone who bought data have been told by the state’s attorney general to produce documents, including whether vehicle buyers were told about the collection and sale of data.

And application developers using the PHP language should make sure they’re running the latest version. This is because a critical vulnerability was found that could allow an attacker to take control of Windows servers running infected code. The hole was discovered by researchers at Devcore.

Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

Cyber Security Today, Week in Review for week ending Friday, June 14, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, June 14th,...

A conversation with Senator Colin Deacon: Driving innovation in Canada’s government. Hashtag Trending, the Weekend Edition

Senator Colin Deacon has brought a fresh perspective to the Canadian Senate, leveraging his background as a startup...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways