The Windows tool for deletion of personal data has a problem
Surely, in the course of your computer life you will have used the Windows recovery tool that can be found in "Settings" -> "Advanced Options" -> "Reset PC", choosing to remove personal files first to reinstall the operating system. Obviously, if this operation is carried out simply for pure maintenance, for example to have a clean system after several months of use, there are no major problems, but often this feature is also used when you decide to sell or donate your device. to other people. In the latter situation, it is especially important that all personal files are actually removed and deleted.
Unfortunately, Rudy Ooms, Microsoft MVP, has discovered the tool present in Windows 10 and Windows 11 21H2 does not do the job perfectly. his work, both locally and remotely. The man later tested the functionality in other versions of the operating system, verifying that, instead, in Windows 10 and Windows 11 21H1 the operation was carried out correctly. In the table below you can see a summary of the results obtained.
Action in Windows 10/11 Results Remote delete 21H2 User data not removed from Windows.old Delete protected files remotely 21H2 User data not removed from Windows.old Local delete 21H2 User data not removed from Windows. old Local deletion of files in the cloud 21H2 User data not removed from Windows.old Deletion of protected files locally 21H2 User data not removed from Windows.old Remote recovery 21H2 User data not removed from Windows.old All actions of deletion and restore in 21H1 User data removed from Windows.old As you can read, the main problem is the failure to remove the directory called “Windows.old” which contains all the previous personal files present before the restore. Furthermore, even in the case of an SSD or hard disk protected with Bitlocker, when the recovery is carried out Bitlocker is removed and all the files are moved to the Windows.old folder, now no longer encrypted and therefore readable by anyone. Finally, synced files on OneDrive marked with the option "always keep on this device" were also included in Windows.old.
Sorry for ruining your Sunday, but performing a remote or local Wipe on Windows 10 21H2 also leaves the userdata readable in the Windows.old folder #intune #mem #msintune #mempowered
https://t.co/439FCyh59M
- Rudy Ooms | MVP (@Mister_MDM) February 20, 2022
if (jQuery ("# crm_srl-th_hardware_d_mh2_1"). Is (": visible")) {console.log ("Edinet ADV adding zone: tag crm_srl-th_hardware_d_mh2_1 slot id: th_hardware_d_mh2 "); } While waiting for a resolutive patch from Microsoft, Ooms has created a PowerShell script to run before carrying out the operation. The next time you perform a system restore with deletion of personal files, make sure that the Windows.old folder is not present on the main disk or on other storage devices connected to the device.
Unfortunately, Rudy Ooms, Microsoft MVP, has discovered the tool present in Windows 10 and Windows 11 21H2 does not do the job perfectly. his work, both locally and remotely. The man later tested the functionality in other versions of the operating system, verifying that, instead, in Windows 10 and Windows 11 21H1 the operation was carried out correctly. In the table below you can see a summary of the results obtained.
Action in Windows 10/11 Results Remote delete 21H2 User data not removed from Windows.old Delete protected files remotely 21H2 User data not removed from Windows.old Local delete 21H2 User data not removed from Windows. old Local deletion of files in the cloud 21H2 User data not removed from Windows.old Deletion of protected files locally 21H2 User data not removed from Windows.old Remote recovery 21H2 User data not removed from Windows.old All actions of deletion and restore in 21H1 User data removed from Windows.old As you can read, the main problem is the failure to remove the directory called “Windows.old” which contains all the previous personal files present before the restore. Furthermore, even in the case of an SSD or hard disk protected with Bitlocker, when the recovery is carried out Bitlocker is removed and all the files are moved to the Windows.old folder, now no longer encrypted and therefore readable by anyone. Finally, synced files on OneDrive marked with the option "always keep on this device" were also included in Windows.old.
Sorry for ruining your Sunday, but performing a remote or local Wipe on Windows 10 21H2 also leaves the userdata readable in the Windows.old folder #intune #mem #msintune #mempowered
https://t.co/439FCyh59M
- Rudy Ooms | MVP (@Mister_MDM) February 20, 2022
if (jQuery ("# crm_srl-th_hardware_d_mh2_1"). Is (": visible")) {console.log ("Edinet ADV adding zone: tag crm_srl-th_hardware_d_mh2_1 slot id: th_hardware_d_mh2 "); } While waiting for a resolutive patch from Microsoft, Ooms has created a PowerShell script to run before carrying out the operation. The next time you perform a system restore with deletion of personal files, make sure that the Windows.old folder is not present on the main disk or on other storage devices connected to the device.