The official Windows 10 data wiping tool can actually leave user info remaining
Some Windows 10 and Windows 11 versions aren’t fully deleting data
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Microsoft’s data wiping feature isn’t working as intended on some versions ofWindows, and is leaving behind data that can be easily accessed, researchers have claimed.
The news was confirmed by Microsoft MVP Rudy Ooms, who published ablog poston his findings, as well as explained it in a bit more detail over on Twitter.
As Ooms explained, theReset PC > Remove Everythingoption leaves data on the old system in bothWindows 10version 21H2, andWindows 11version 21H2. Both Wipe and Fresh Start options work as intended on Windows 10 21H1 andWindows 1121H1, he added.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.
Click here to start the survey in a new window«
In most cases, the OS would create a folder called Windows.old on the “wiped” or “fresh start” disks, containing user data, Ooms says. This is obviously not by design, as choosing these two options prompts the warning “This removes all personal and company data and settings from this device.”
Fixing the problem
To make matters worse, when a user wipes a device, the Windows.old folder also contains previously encrypted data, but now it’s decrypted. Furthermore, OneDrive files marked as “Always keep on this device” will remain in the Windows.old folder, as well.
On the other hand, wiping the drive also removes Bitlocker, which could be a problem for some users who use Bitlocker to safelybackupimportant data.
For the time being, Microsoft does not have a fix for the problem. However, Ooms says he’s created a PowerShell Script, as a temporary solution. Those looking for an utter and complete wipe of all data should first run the script, and then proceed with the cleanup.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Data Security: What is it?>How to securely destroy your data>Stellar launches data recovery-proof erasure tool
Reporting on the news,Tom’s Hardwarealso says that users can manually remove this data, by deleting the Windows.old files following the wipe. After that, they can use a wipe-free space utility, to ensure the sensitive data can’t be recovered by a data recovery tool.
Users should always double-check the contents of the drive after wiping, the publication concludes, as they can not only find their old files in Windows.old, but also on other storage hardware installed on the endpoint.
Via:Tom’s Hardware
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
Your doctor may have an AI assistant taking notes during your next Zoom call
