Microsoft's data wipe feature doesn't work as expected on some versions of Windows and leaves easily accessible data behind, researchers say.
The news was confirmed by Microsoft MVP Rudy Ooms, who published a blog post about his findings and explained it in a bit more detail on Twitter.
As Ooms explained, the Reset PC > Delete everything The option leaves the data in the previous system in Windows 10 version 21H2 and Windows 11 version 21H2. The Wipe and Fresh Start options work as expected in Windows 10 21H1 and Windows 11 21H1, it added.
In most cases, the operating system would create a folder called Windows.old on "erased" or "new" drives, which contains user data, Ooms explains. This is obviously unintentional, as choosing these two options brings up the warning "This deletes all personal and business data and settings on this device."
Solve the problem
To make matters worse, when a user wipes a device, the Windows.old folder also contains previously encrypted data, but it is now decrypted. Also, OneDrive files marked "Always keep on this device" will also remain in the Windows.old folder.
On the other hand, wiping the drive also removes Bitlocker, which could be a problem for some users who use Bitlocker to safely back up important data.
At this time, Microsoft does not have a solution to the problem. However, Ooms says that he created a PowerShell script as a workaround. Those looking for a full and complete wipe of all data should first run the script and then proceed with the cleanup.
Reporting the news, Tom's Hardware also says that users can manually delete this data, removing the Windows.old files after deleting them. After that, they can use the free space utility to make sure that the data recovery (*10*) cannot recover the sensitive data.
Users should always double check the contents of the drive after erasing, the post concludes, because not only can they find their old files on Windows.old, but also on other storage hardware installed on the device.
Via: Tom's Hardware