A clever techie, Rudy Ooms, has found a worrying bug in Windows 10 and Windows 11. The Wipe and Fresh Start options are supposed to remove all user data from a computer but leave really obvious files behind and unencrypted.
The problem is the Windows feature which is advertised as “Remove Everything: Removes all of your personal files, apps and settings.”
There are variations on this depending on the Windows deployment. Managed devices can have Remote Wipe or Remote Protected Wipe (DoWipe and DoWipeProtected methods in PowerShell).
This is a commonly used feature by people who are selling their computer or handing a machine back to their company. Based on Microsoft’s own wording, you should be able to wipe a computer of all your personal info, leaving just Windows. That’s NOT happening.
What’s left behind
All of Microsoft’s wording is clear that NO personal data is left behind after a Reset/Wipe but that’s not happening.
The Windows.old folder is left untouched by a Reset / Wipe.
/Windows.old is a backup of Windows made before a major update. It’s large and is usually deleted automatically after a few weeks.
It contains personal data and documents.
Windows 10 21H2 and Windows 11
It seems something changed in the latest Windows 10 major update and Windows 11 which has broken the DoWipe feature.
Office Watch has comprehensive guides to both Windows 10 and 11:
Windows 11 for Microsoft Office users
Windows 10 for Microsoft Office users – 2022 edition
Windows 10 21H2 does not remove user data from Windows.old but the earlier 21H1 update did.
All Windows 11 versions are affected.
Microsoft’s troubling response
Microsoft’s initial response is both troubling and typical. Instead of acknowledging the problem, they try to ‘explain it away’ as a ‘expected behavior’.
Hopefully more senior Microsofties will realise that even if this is ‘expected’ it’s not right. If intended, why was there a change in Win10 21H2/Win11 without notification to customers?
Rudy Ooms has a forensic explanation of the faulty wipe including Microsoft’s initial explanation that this behaviour is ‘expected’ which makes no sense at all.
Mr Ooms also has a PowerShell script which works around the problem for administrators.
Alas some Microsoft fanboys will diss Rudy for publicly pointing out the problem, especially since he’s a Microsoft MVP. He’s done everyone a service, including Microsoft, by letting everyone know about this serious privacy breach.
The ball is in Microsoft’s court with the ‘shot clock’ ticking. Let’s see how long it takes for the company to admit their mistake and fix it.
Office Watch has comprehensive guides to both Windows 10 and 11:
Windows 11 for Microsoft Office users
Windows 10 for Microsoft Office users – 2022 edition
