Microsoft's redesigned Recall protects stored captures inside VBS enclaves with AES-256-GCM, TPM-backed keys, Windows Hello, and PPL protections, but decrypted data is handed off to a less-protected process. TotalRecall Reloaded exploits that trust boundary by injecting a DLL into AIXHost.exe at user privilege to extract screenshots, OCR text, metadata, and indexed activity without bypassing Windows Hello. #TotalRecallReloaded #AIXHostExe
Key points
- Recall's vault uses VBS enclaves, AES-256-GCM, TPM-backed keys, Windows Hello, and PPL for storage protection.
- AIXHost.exe, which renders decrypted timeline data, lacks PPL, AppContainer isolation, and strict code integrity, creating a trust boundary gap.
- TotalRecall Reloaded performs DLL injection using standard user-level APIs without elevation to extract decrypted content from AIXHost.exe.
- The payload exfiltrates full-resolution screenshots, OCR text with pixel-level bounding boxes, metadata, named entities, and AI-generated activity descriptions.
- Some COM interfaces allow pre-auth or inconsistent access, authentication state is cached across the session, and Microsoft closed the report as "Not a Vulnerability."
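Because AIXHost.exe sits outside the PPL and AppContainer protections, the practical defence is telemetry on the process itself. The check below is an added example, not code from the article or from the TotalRecall Reloaded tool: it scans constructed Sysmon-style records (Event ID 10 ProcessAccess, Event ID 8 CreateRemoteThread, Event ID 7 ImageLoad) for write- or thread-capable handles to AIXHost.exe, remote threads created in it, and unsigned modules loaded by it. The file paths, access masks and event contents are constructed sample data, and the location of AIXHost.exe is assumed.

```python
"""Flag Sysmon-style events that indicate tampering with AIXHost.exe.
Added example; the records below are constructed, not real telemetry."""

# Win32 process access rights used by Sysmon Event ID 10 GrantedAccess masks.
PROCESS_CREATE_THREAD = 0x0002
PROCESS_VM_WRITE = 0x0020
TARGET = "aixhost.exe"

# Constructed sample events, one dict per Sysmon record (paths are assumptions).
EVENTS = [
    {"EventID": 10, "SourceImage": r"C:\Users\alice\Downloads\tool.exe",
     "TargetImage": r"C:\Windows\System32\AIXHost.exe", "GrantedAccess": "0x1FFFFF"},
    {"EventID": 8, "SourceImage": r"C:\Users\alice\Downloads\tool.exe",
     "TargetImage": r"C:\Windows\System32\AIXHost.exe"},
    {"EventID": 7, "Image": r"C:\Windows\System32\AIXHost.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\payload.dll", "Signed": "false"},
    {"EventID": 7, "Image": r"C:\Windows\System32\AIXHost.exe",
     "ImageLoaded": r"C:\Windows\System32\combase.dll", "Signed": "true"},
    # Benign: PROCESS_QUERY_LIMITED_INFORMATION (0x1000) only, so not flagged.
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\AIXHost.exe", "GrantedAccess": "0x1000"},
]


def _is_target(path):
    """True when the image path names AIXHost.exe (case-insensitive)."""
    return path.lower().endswith("\\" + TARGET)


def classify(event):
    """Return a finding string for a suspicious event, or None for benign ones."""
    eid = event.get("EventID")
    if eid == 8 and _is_target(event.get("TargetImage", "")):
        return f"remote thread created in AIXHost.exe by {event['SourceImage']}"
    if eid == 10 and _is_target(event.get("TargetImage", "")):
        mask = int(event.get("GrantedAccess", "0"), 16)
        if mask & (PROCESS_VM_WRITE | PROCESS_CREATE_THREAD):
            return f"write/thread-capable handle to AIXHost.exe from {event['SourceImage']}"
    if eid == 7 and _is_target(event.get("Image", "")):
        if event.get("Signed", "").lower() != "true":
            return f"unsigned module {event['ImageLoaded']} loaded into AIXHost.exe"
    return None


def scan(events):
    """Run classify() over a list of events and keep only the findings."""
    return [f for f in (classify(e) for e in events) if f]


if __name__ == "__main__":
    for finding in scan(EVENTS):
        print(finding)
```

A real deployment would feed the same logic from the Sysmon operational log and pair it with a Microsoft-signature check on the SourceImage to cut noise from legitimate system processes.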
Read More: https://thecyberexpress.com/totalrecall-windows-recall-security-gap/