“The short-term repair is pretty simple. Microsoft may add stronger code integrity and course of protections to AIXHost.exe, the method that renders the Recall timeline. Proper now, it has none, which makes the injection path potential. That might block the particular method I demonstrated and materially increase the bar,” he stated.
The longer-term downside runs deeper, he stated. “Microsoft ought to rethink how decrypted knowledge is dealt with after it leaves the enclave. The cryptography and enclave design are genuinely properly performed, and I wish to be clear about that. The issue is that plaintext screenshots and extracted textual content find yourself in an unprotected course of for show. So long as decrypted content material crosses right into a course of that same-user code can entry, somebody will discover a manner in,” he stated.
“A sturdy repair would imply both rendering inside a protected course of or adopting a compositing mannequin the place uncooked knowledge by no means leaves the belief boundary. That may be a greater effort, however it’s the solely technique to shut this class of challenge correctly,” he stated.
