Recently, researchers have found that Microsoft’s resident data wiping feature isn’t performing exactly as intended. While marketed as a data wiping utility that works hand in hand with the Windows 10 and 11 update and factory reset tool, the utility is leaving valuable and vital user information behind. As researchers have recently discovered the data left behind can be easily located and therefore used should a ‘wiped’ device and up in someone else’s hands.
The news has subsequently been confirmed by Microsoft MVP Rudy Ooms in a blog post concerning his findings. Ooms also took to Twitter to release a more detailed explanation of the issue. As Ooms explains, hitting the ‘Reset PC’ and ‘Remove Everything’ options on Windows 10 and 11 doesn’t actually remove all of the user data. Instead, it stores this information on the old system in both versions of Windows. This issue has only been identified so far on Windows 10 and 11 version 21H2. In previous versions of both operating systems, namely version 21H1 of Windows 10 and 11, the windows data wiping feature works as intended.
Researchers noticed that in most cases, user data that had not been removed was being stored in newly created folders called Windows.old. These folders would appear on the ‘fresh start’ or ‘wiped’ discs. In a statement, Ooms said that this process was not occurring by design. Proof of this is that when selecting either of the options, users are presented with prompts that warn them of the impending removal of all personal and company data and settings from the current device.
An even more disturbing turn of events, the Windows.old folder was discovered to contain previously encrypted data that in its current state had been decrypted. Furthermore, any files that had been marked in OneDrive as ‘always keep on this device’ also remained in the Windows.old folder.
Microsoft does not currently have a fix for the problem. Ooms has however said that he has created a PowerShell script that will act as a temporary solution. Anyone intent on performing complete data wipes of their Windows 10 or Windows 11 devices should run the script first and then initiate the Microsoft cleanup utility.
If you haven’t yet had to wipe personal data or perform a factory reset on your device, read our article on resetting Windows 10 and 11. You might also enjoy our guide on upgrading Windows 10 to the new Windows 11 operating system.
