Due to security concerns, Microsoft has thoroughly revealed its plans to overhaul the contentious AI screenshot feature Recall. Initially scheduled to launch with Copilot Plus PCs in June, Microsoft has redesigned its security architecture over recent months, transforming Recall into an optional experience for users and enabling complete uninstallation from Windows.

David Weston, Microsoft's Vice President of Enterprise and Operating System Security, stated that Recall is no longer enabled by default and requires users to opt-in. This change is crucial for users who prefer not to use the feature. Additionally, Microsoft has confirmed that users can now entirely remove Recall, including its underlying AI models.

In terms of security, Microsoft has comprehensively upgraded Recall. The previously unencrypted screenshot database is now fully encrypted and protected by Windows Hello to prevent malware access. The encryption keys are stored in the Trusted Platform Module (TPM) required by Windows 11 and are accessible only after user verification via Windows Hello.

Microsoft has also placed screenshot processing and sensitive operations within a virtualization-based secure environment, ensuring that the UI application layer cannot directly access raw screenshots or the Recall database. When users interact with Recall, the system prompts Windows Hello, queries the virtual machine, and returns data to the application memory. Once the user closes the Recall application, the data in memory is destroyed.

Furthermore, Microsoft has restricted Recall's usage to only run on Copilot Plus PCs and requires these devices to have security features such as BitLocker, virtualization-based security, measured boot, and system protection. Microsoft has also conducted multiple rounds of security reviews and penetration testing to ensure Recall's security.

Functionally, Microsoft has added more settings to Recall, allowing users to filter specific applications and websites, as well as delete content from particular timeframes or sources. Recall will also be capable of filtering sensitive information such as passwords, credit card details, health, and financial data.

Microsoft stated that the preview version of Recall will be released in October to Copilot Plus PC users participating in the Windows Insider Program, further testing and refining the feature. This means Recall will undergo additional user feedback and testing before its official launch.