Microsoft has once again delayed the release of its new artificial-intelligence tool, Recall, while the company works to ensure that the extensive user data the tool collects cannot be abused by adversaries.
Recall will be part of the suite of services delivered through Microsoft's Copilot+ AI software. Once deployed, Recall will take "snapshots" of every action on the PC so that they can be retrieved later through a simple search. The software will be able to "recall" the exact moment the user viewed a website, used an application or interacted with a document.
Notwithstanding compelling use cases, information-security professionals have expressed doubt about Recall's ability to keep its snapshots safe from potential threat actors. For its part, Microsoft has taken these cybersecurity concerns seriously. In June, Microsoft announced that it had added new privacy and security features to Recall just days before its planned release date. That release was then pushed back to October to take additional measures to shore up the tool's security. Now the release date has been pushed back again.
"We are committed to delivering a secure and trusted experience with Recall," Brandon LeBlanc, senior product manager for Windows, wrote in a statement on the delay. "To ensure we deliver on these important updates, we're taking additional time to refine the experience before previewing it with Windows Insiders. Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot+ PCs by December."
Microsoft Commits to a Secure Recall
In late September, David Weston, vice president of enterprise and OS security at Microsoft, detailed the company's commitment to securing Recall data, stressing that the tool is opt-in only, encrypted and includes anti-malware protections, and that its data is protected inside a virtualization-based security (VBS) enclave that is inaccessible, even to admin and kernel-level users, without biometric authentication.
"Using VBS enclaves with Windows Hello Enhanced Sign-in Security allows data to be briefly decrypted while you use the Recall feature to search. Authorization will time out and require the user to authorize access for future sessions," Weston wrote. "This limits attempts by latent malware to 'ride along' with user authentication to steal data."
Weston also assured those concerned about Recall security that: private-browsing information is never recorded by Recall; users can filter specific sites or applications out of Recall's recording; content filtering prevents credit-card and Social Security data from being stored; users can delete stored information by date, content, application or website; and an icon clearly shows when snapshots are being saved, so that users can easily pause the feature.
"Recall's secure design and implementation provide a robust set of controls against known threats," Weston added. "Microsoft is committed to making the power of AI available to everyone while retaining security and privacy against even the most sophisticated attacks."
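As an added illustration (not Microsoft's code, and not a description of how Recall actually implements these controls), the following Python sketch shows how a snapshot-recording feature could enforce the kinds of controls Weston lists: skipping private-browsing sessions and user-excluded apps or sites, and redacting credit-card and Social Security numbers from captured text before anything is stored. The Snapshot type, the exclusion lists, the placeholder tokens and the sample snapshot text are all constructed for this example; a Luhn check is used so that 16-digit values that are not card numbers (a tracking number, say) are left alone.

```python
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse


# Illustrative data model (an assumption for this example, not Recall's real schema).
@dataclass
class Snapshot:
    app: str                 # foreground application name
    url: Optional[str]       # page URL when the app is a browser, else None
    private_browsing: bool   # browser reported a private/incognito session
    text: str                # text extracted from the screen capture


# Candidate card numbers: 13-19 digits, optionally separated by single spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# US Social Security Number in the common 3-2-4 dashed layout.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")


def luhn_valid(digits: str) -> bool:
    """Luhn mod-10 check; rejects most digit runs that merely look like a card number."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Reject values that are never issued as SSNs (area 000/666/900+, group 00, serial 0000)."""
    a = int(area)
    return a not in (0, 666) and a < 900 and int(group) != 0 and int(serial) != 0


def redact_sensitive(text: str) -> tuple[str, list[tuple[str, str]]]:
    """Return (redacted_text, findings); findings record what was removed and why."""
    findings: list[tuple[str, str]] = []

    def card_sub(m: re.Match) -> str:
        raw = m.group(0)
        if luhn_valid(re.sub(r"\D", "", raw)):
            findings.append(("card", raw))
            return "[CARD REDACTED]"
        return raw

    def ssn_sub(m: re.Match) -> str:
        if ssn_plausible(*m.groups()):
            findings.append(("ssn", m.group(0)))
            return "[SSN REDACTED]"
        return m.group(0)

    text = CARD_RE.sub(card_sub, text)
    text = SSN_RE.sub(ssn_sub, text)
    return text, findings


def host_excluded(url: Optional[str], excluded_sites: set[str]) -> bool:
    """True when the URL's host is an excluded site or a subdomain of one."""
    if not url:
        return False
    host = (urlparse(url).hostname or "").lower()
    return any(host == s or host.endswith("." + s) for s in excluded_sites)


def filter_snapshot(snap: Snapshot, excluded_apps: set[str],
                    excluded_sites: set[str]) -> Optional[Snapshot]:
    """Apply the policy: drop excluded snapshots entirely, otherwise store a redacted copy."""
    if snap.private_browsing:
        return None
    if snap.app.lower() in {a.lower() for a in excluded_apps}:
        return None
    if host_excluded(snap.url, excluded_sites):
        return None
    clean_text, _ = redact_sensitive(snap.text)
    return Snapshot(snap.app, snap.url, snap.private_browsing, clean_text)


# Constructed sample text, as OCR might extract it from a checkout page.
SAMPLE_TEXT = (
    "Order confirmation for Jane Doe\n"
    "Card: 4111 1111 1111 1111 exp 12/27\n"      # Luhn-valid test number -> redacted
    "Tracking number: 1234 5678 9012 3456\n"     # 16 digits but fails Luhn -> kept
    "SSN on file: 123-45-6789\n"                 # plausible SSN -> redacted
    "Support ticket 000-12-3456 opened\n"        # area 000 is never issued -> kept
)

# Constructed user exclusion lists (hypothetical app names and host).
EXCLUDED_APPS = {"KeePassXC", "Signal"}
EXCLUDED_SITES = {"bank.example"}

if __name__ == "__main__":
    kept = filter_snapshot(Snapshot("Edge", "https://shop.example/checkout", False, SAMPLE_TEXT),
                           EXCLUDED_APPS, EXCLUDED_SITES)
    print(kept.text)
    print(filter_snapshot(Snapshot("Edge", "https://login.bank.example/", False, SAMPLE_TEXT),
                          EXCLUDED_APPS, EXCLUDED_SITES))   # None: excluded site
```

The ordering matters: excluded apps, excluded sites and private-browsing sessions are dropped before any text is inspected, so nothing from those sessions is ever parsed or stored, and redaction only runs on snapshots that will actually be kept. Real deployments would also need locale-specific identifiers and card layouts beyond the two patterns shown here.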
Is Microsoft Eyeing Claude's "Computer Use" Feature?
Microsoft appears to be heeding the cybersecurity community's warnings about Recall's potential risks, Bugcrowd founder Casey Ellis told Dark Reading. Redmond may also be keeping an eye on Anthropic's recent release of a similar feature in its Claude AI before rolling out Recall, he adds.
"After the initial reaction to Recall, and some of the security and privacy concerns raised by the way it was implemented, Microsoft appears to be hastening slowly here," Ellis explains. "I wouldn't be surprised if they are taking the opportunity to see how the market reacts to and uses Anthropic's 'computer use' feature, which is very similar to Recall from a privacy, security and feature standpoint."
Released a few days ago, the computer use feature allows the latest version of Claude to interact with a computer in the same way a human does. Like Recall, Claude's new feature ingests screenshots from Internet-connected computers. And in its Oct. 22 press release announcing the feature, Anthropic acknowledged that the tool does come with inherent cybersecurity risks.
"In that spirit, our Trust and Safety teams have conducted extensive analysis of our new computer-use models to identify potential vulnerabilities," the announcement said. "One concern they've identified is prompt injection, a type of cyberattack where malicious instructions are fed to an AI model, causing it to either override its prior instructions or perform unintended actions that deviate from the user's original intent."
Anthropic added that it hopes to solve this problem and others during its public beta phase, which will surely be of great interest to Microsoft as it works through its own Recall release.
According to Anthropic, Claude will not use this user-submitted data to train its own AI model. But when it comes to Microsoft, security consultant John Bambenek is not so sure that Recall will adhere to the same standard.
"AI systems require tons of data, which means Microsoft wants all the data on how users interact with their computers," Bambenek said. "I'm not sure the feature is terribly useful for end users; however, it certainly is for training future models. It has enormous privacy implications, so I hope the delay is useful in terms of minimizing risk and potential harm to end users."
While Microsoft's and Anthropic's security teams work through these features, Patrick Harr, CEO of SlashNext Email Security, warns that these tools remain vulnerable to cyberattack.
"We continually see phishing and social-engineering attacks from professional groups impersonating support personnel that target enterprise users, whether via email, other messaging applications or even bot calls, to gain remote access to their office computers," Harr said. "Once Recall is accessible, threat actors have a perfect timeline and information on that user which can be exploited. Proceed with caution until this update is complete."