Microsoft's Windows Recall still allows silent data extraction
Briefly

"The short-term fix is fairly straightforward. Microsoft could add stronger code integrity and process protections to AIXHost.exe, the process that renders the Recall timeline. Right now, it has none, which makes the injection path possible. That would block the specific technique I demonstrated and materially raise the bar."
"Microsoft should rethink how decrypted data is handled after it leaves the enclave. The cryptography and enclave design are genuinely well done, and I want to be clear about that. The problem is that plaintext screenshots and extracted text end up in an unprotected process for display."
"A durable fix would mean either rendering inside a protected process or adopting a compositing model where raw data never leaves the trust boundary. That is a bigger effort, but it is the only way to close this class of issue properly."
Microsoft should implement stronger code integrity and process protections for AIXHost.exe to block injection techniques. The handling of decrypted data after leaving the enclave requires rethinking, as plaintext screenshots and extracted text are currently displayed in an unprotected process. A durable solution involves rendering within a protected process or adopting a compositing model to ensure raw data remains within the trust boundary, which is a more significant but necessary effort to address these vulnerabilities.
Read at Computerworld