(Intune) Factory reset creates windows.old folder

Question

I'm trying to get clear if this is normal behavior or something that recently happened.

If we wipe a device with Intune (without checkboxes like "keep data" checked) the wipe action creates a folder windows.old where some user data is still available. That is not correct because a wipe should as it says "delete all personal and company data".

If we reset a personal device, not enrolled/AD joined in Intune, the same happens.

Used a recent version (21H1) to test.

If you want to sell your old personal device, re-assign a company device or if it's stolen, there should no data being left on the device, after a reset/wipe.

Anyone else who experiences this? Or is this normal behavior which we just found out? One Microsoft support engineer says "by design" where another one says "not normal, that could be a security issue".

Edit 24/2/2022: See this blog for a (temporary) solution: https://call4cloud.nl/2022/02/the-dark-and-the-windows-11-remote-wipe/

Edit 25/2:

This issue has been described today in the Service Health Center (IT336291, Microsoft Intune) for Office 365 admins, with a link to: https://support.microsoft.com/en-us/topic/kb5012334-delete-the-windows-old-folder-using-storage-sense-in-the-settings-app-e12f9d84-ad7f-4780-9406-465670157f8e

Answer 1

Hi Sumit,

I just tried it with a fresh installation (personal, not connected to any company):

• old installation, personal Microsoft account connected to OneDrive
• re-install (factory reset without keeping personal files)
• after installation there is a windows.old folder
• In that folder I can see my own "user"-folder with files. OneDrive items that are synced local are there. Online items are visible but not clickable.

I hardly believe this is how it's supposed to work. If I want to sell my personal device I have to:

>re-install

>login to delete the folder windows.old

>but as I'm forced to login with a Microsoft account, a new User folder is created

>re-install to get rid of it

>but a re-install creates a windows.old folder....

The only way I guess to 100% clean up the device is to create a bootable windows installation USB and delete the partitions. I can do that, but I think most users don't know how to.

Answer 2

Hi Sumit,

If we reset a personal device, not enrolled/AD joined in Intune, the same happens.

Answer 3

Hi Sumit,

I've checked and I have two options: Keep my files or Remove Everything. The install was a local install because I assume most people will choose that. After I choose that I get a warning that all personal files and accounts will be deleted. But when the process is finished, there is a new created folder windows.old with the user files.

I have tested this myself with a personal device and I have contact with someone who found this out when wiping a company device.

It looks like a bug in the Windows-reset process.

Answer 4

Thank you for the reply. As Reset is similar to reinstalling Windows, it is the expected behavior. I believe it should not have any personal data.

Answer 5

Hi edje,

I am Sumit here to assist you with this question.

Intune isn't supported here.

Server, IT Pro, and development questions are best handled on our sister Site QA as this is only a Windows consumer only forum:

https://docs.microsoft.com/en-us/answers/index....

Please add the appropriate tags to your question there.