Earlier this month, details emerged about a flaw with Pixel phones’ Markup tool for editing screenshots. Dubbed ‘aCropalypse,’ the flaw allowed malicious actors to restore some or all of a cropped or redacted image.
Now it appears Windows 11 is impacted by a similar flaw.
Developer Chris Blume uncovered that the Windows 11 Snipping Tool is vulnerable to a similar exploit as was used for aCropalypse and shared the finding with Simon Aarons, one of the reverse engineers who discovered aCropalypse, on Twitter.
I've got a fun one for you all to look at.
I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk.
Sounds similar š
— Chris Blume (@ProgramMax) March 21, 2023
Bleeping ComputerĀ verified the exploit with David Buchanan, the other reverse engineer behind aCropalypse, and found that a slightly modified version of the script Buchanan made to extract hidden info from an edited Pixel screenshot worked on the Windows 11 Snipping Tool.
As with Pixel’s Markup software, the Snipping tool doesn’t completely erase unused parts of the PNG image data, such as parts of the image that are cropped out. This data can be partially or fully recovered.
holy FUCK.
Windows Snipping Tool is vulnerable to Acropalypse too.
An entirely unrelated codebase.
The same exploit script works with minor changes (the pixel format is RGBA not RGB)
Tested myself on Windows 11 https://t.co/5q2vb6jWOn pic.twitter.com/ovJKPr0x5Y
— David Buchanan (@David3141593) March 21, 2023
However, it’s worth noting that the problem doesn’t impact all PNG files captured with the Snipping Tool, with optimized images being among those unaffected. Moreover, JPEG files also leave behind data, but so far, the exploit isn’t known to work with that file format. Finally, images that have been saved as another file in an image editing tool should be safe as well.
Microsoft toldĀ Bleeping ComputerĀ it was “aware of these reports and [is] investigating,” and it will take necessary action to protect users.
The flaw doesn’t appear to impact the Windows 10 Snipping Tool. Moreover, Buchanan isn’t publishing the modified scripts for the Windows 11 Snipping Tool since Microsoft hasn’t had a chance to patch it.
Meanwhile, Windows 11 users will want to be careful with what they capture using the Snipping Tool and where they share images. The main concern here is that someone might capture sensitive information in a screenshot and crop it out, but a malicious actor could restore the information using the modified aCropalypse script.
It’s worth noting that Google already pushed out a patch for aCropalypse to Pixel phones, but it doesn’t fix screenshots captured before the update.
Source: Chris Blume, David Buchanan, Bleeping Computer, Via: Engadget
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.