Brave Browser Will Block Windows Recall Functionality

📟 News

Date: 25/07/2025

The developers at Brave Software announced that their browser will now block the Windows Recall functionality by default. This ensures that Windows cannot take screenshots of Brave windows, maintaining the privacy of users.

The AI function Recall was first introduced in May 2024. It is designed to help “remember” any information that the user has viewed in the past, making it accessible through a simple search. Recall takes a snapshot of any active window on the screen every few seconds, recording everything happening in Windows, whether it’s browsing websites in a browser, chatting in a messenger, or working with other applications.

After the announcement, Recall faced harsh criticism from cybersecurity experts and privacy advocates. Specialists compared the feature to a keylogger and demonstrated that it could be used for data theft.

In response to criticism, Microsoft has postponed the launch of Recall and announced that it will provide additional security by making the feature optional and encrypting the database so that it is inaccessible until the user authenticates via Windows Hello.

In December 2024, Recall became available again to participants in the Windows Insiders program, but users once again discovered issues and criticized the company: it turned out that Recall saves credit card numbers, social security numbers, and other confidential information, even if it is prohibited.

In the spring of 2025, Microsoft began rolling out Windows Recall to all users who installed the Windows 11 update KB5055627 on Copilot+ PCs. Shortly thereafter, the feature became available to anyone who installed the May updates.

The developers of Brave have now announced that they have decided to proactively add a feature to their browser that will prevent Recall from capturing the content of windows.

“Given that Brave places a strong emphasis on default settings that ensure maximum privacy, and what is at stake (your entire browsing history), we have preemptively disabled Recall for all Brave tabs,” the company states. “We believe it is important that your activity in the Brave browser does not accidentally end up in a permanent database, which can be particularly susceptible to misuse in sensitive situations (for example, in cases of partner abuse).”

On GitHub, the developers of Brave explain that they used Microsoft’s SetInputScope API and set the value to IS_PRIVATE for all browser windows. This informs Windows that the content of the windows should not be captured or indexed by Recall.

“Microsoft claims that a web browser can use SetInputScope to set the scope to the IS_PRIVATE value, so that Recall does not save the user’s browsing history. We can forcibly set this value for all windows in the renderer_widget_host_view,” the company says.

The innovation has already been implemented in Brave Nightly builds and is expected to roll out to stable releases in the coming weeks.

Recall that in May of this year, the developers of the Signal messenger made a similar decision and also blocked the Recall functionality by default, stating that Microsoft simply left them no other choice.

Related posts:
2025.03.28 — Zero-day vulnerability in Windows results in NTLM hash leaks

Security experts reported a new zero-day vulnerability in Windows that enables remote attackers to steal NTLM credentials by tricking victims into viewing malicious files in Windows…

Full article →
2025.04.16 — Android devices will restart every three days to protect user data

Google introduces a new security feature for Android devices: locked and unused devices will be automatically restarted after three days of inactivity to return their memory to an…

Full article →
2025.02.01 — Critical RCE vulnerability fixed in Cacti

A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code. Vulnerability's ID is CVE-2025-22604; its…

Full article →
2025.04.10 — April updates released by Microsoft cause issues with Windows Hello

Microsoft warns that some Windows users who have installed the April updates might be unable to login to their Windows services using Windows Hello facial recognition…

Full article →
2025.02.03 — PyPI introduces a project archival system to combat malicious updates

The Python Package Index (PyPI) introduces a new project archival system: a project can now be archived to notify users that it's not expected to be updated…

Full article →
2025.03.05 — Polish Space Agency disconnects its network due to hacker attack

Last weekend, the Polish Space Agency (POLSA) had to disconnect all of its systems from the Internet to localize an attack targeting its IT infrastructure. After discovering the intrusion,…

Full article →
2025.03.26 — Cloudflare to block all unencrypted traffic to its APIs

According to Cloudflare, effective immediately, only secure HTTPS connections to api.cloudflare.com will be accepted; while all HTTP ports are to be closed. The purpose of this decision…

Full article →
2025.04.01 — Hackers abuse MU plugins to inject malicious payloads to WordPress

According to Sucuri, hackers store malicious code in the MU-plugins (Must-Use Plugins) directory in WordPress and execute it while remaining undetected. The technique was first discovered…

Full article →
2025.02.05 — Google patches Android zero-day vulnerability exploited by hackers

Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers. The zero-day's…

Full article →
2025.03.10 — Nearly a million Windows computers impacted by a malvertising campaign

According to Microsoft, nearly 1 million Windows devices fell victim to a sophisticated malvertising campaign in recent months. Cybercriminals were able to steal credentials, cryptocurrency, and sensitive…

Full article →