HeadlinesBriefing.com

TotalRecall Reloaded Bypasses Windows 11 Recall Safeguards

Ars Technica

Security researcher Hagenah flagged a flaw in Windows 11's Recall feature: while the encrypted vault itself remains airtight, the handoff to the background process AIXHost.exe is not. By injecting a DLL into that process, his TotalRecall Reloaded tool can run without admin rights and then listen in whenever a user opens Recall and authenticates with Windows Hello.

Once the user authenticates, the tool silently captures screenshots, OCR‑derived text, and metadata that Recall ships to AIXHost.exe. It can also pull the most recent screenshot, harvest database metadata, or even wipe the entire Recall store without further Windows Hello prompts. Hagenah notes the tool never cracks the VBS enclave; it merely rides along with the user’s legitimate authentication.

Microsoft’s response classified the issue as “not a vulnerability” and said no fix is planned. The researcher reported the behavior to the Security Response Center on March 6, and the company issued its ruling on April 3. For enterprises relying on Recall for sensitive note‑taking, the finding means data can be exfiltrated by any low‑privilege attacker who can load the DLL.
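As an added defender-side check (not from the article or from the researcher's tool), the PowerShell snippet below enumerates the modules loaded into AIXHost.exe and reports any that do not carry a valid Microsoft Authenticode signature; only the process name comes from the article, and the function name, the signer check and the assumption that the script runs in the same user session as Recall are mine.

```powershell
# Added example, not part of the article: list modules loaded into AIXHost.exe
# (process name taken from the article) and flag any not validly signed by Microsoft.
# Assumption: run in the same interactive session as Recall so the module list is readable.

function Get-SuspiciousAIXHostModules {
    [CmdletBinding()]
    param([string]$ProcessName = 'AIXHost')   # hypothetical parameter; defaults to the article's process

    $procs = Get-Process -Name $ProcessName -ErrorAction SilentlyContinue
    if (-not $procs) {
        Write-Verbose "No $ProcessName.exe process is running; nothing to inspect."
        return @()
    }

    $findings = foreach ($p in $procs) {
        try {
            $modules = $p.Modules
        } catch {
            Write-Warning "Cannot read modules of PID $($p.Id): $($_.Exception.Message)"
            continue
        }
        foreach ($m in $modules) {
            $sig     = Get-AuthenticodeSignature -FilePath $m.FileName
            $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            # A legitimate Recall component is expected to be validly signed by Microsoft.
            $isMicrosoft = ($sig.Status -eq 'Valid') -and ($subject -like '*O=Microsoft Corporation*')
            if (-not $isMicrosoft) {
                [pscustomobject]@{
                    ProcessId = $p.Id
                    Module    = $m.FileName
                    SigStatus = $sig.Status
                    Signer    = $subject
                }
            }
        }
    }
    return @($findings)
}

# Any row returned is a module Microsoft did not sign sitting inside the Recall host process.
Get-SuspiciousAIXHostModules -Verbose | Format-Table -AutoSize
```

Treat hits as leads rather than verdicts: third-party shims, accessibility tools or security agents that legitimately inject into processes will also show up here, so compare results against a known-good baseline from an unmodified machine.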