There is a rather serious vulnerability in the Snipping Tool in Windows 11, which allows you to partially or completely restore data removed from captures. A similar issue called "aCropalypse" is present in the screenshot tool on Google Pixel smartphones.
Instead of writing only the edited picture, the tool adds the modifications you have made to the end of the original image data. This leaves the original image untouched in the file, with the modified version written to the same file after the initial data.
This issue is widely known as a vulnerability dubbed "aCropalypse". Such PNGs can be used by attackers to recover the sensitive information you cropped or blurred. It was first discovered in Google's Pixel firmware. It is surprising to see it in the Snipping Tool, since the two programs should not share any code.
The issue becomes serious if you take a screenshot of a page that contains a bank card number, postal address, or other sensitive information. By cropping or blurring the image you probably assume the removed data is permanently deleted. That does not actually happen, which makes it possible to restore the original image. Sharing such images will leak your personal data and can even lead to the theft of funds from your bank card.
It is easy to test if your Snipping Tool is affected by the bug.
- Capture a screenshot, and save it to a file.
- Make a note of the size of the saved file.
- Heavily crop the image and then save it (Ctrl + S).
- Check the size of the file again. If it grew instead of shrinking, your Snipping Tool is affected by the bug.
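The file-size check above can be made exact: a correctly written PNG ends at its IEND chunk, so any bytes after IEND are leftovers the tool failed to remove. The script below is an added example (not Winaero's or Microsoft's code); it walks the PNG chunks and reports what follows IEND, and the "buggy save" file it inspects is constructed in the script to stand in for a real Snipping Tool output.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def leftover_after_iend(data: bytes) -> bytes:
    """Return whatever follows the IEND chunk of a PNG (b"" for a clean file).

    A correctly written PNG ends exactly at IEND. Anything after it is data the
    writer never removed, which is the tell-tale sign of the Snipping Tool bug.
    """
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 8 + length + 4  # length/type header + payload + CRC
        if pos > len(data):
            raise ValueError("truncated chunk")
        if ctype == b"IEND":
            return data[pos:]
    raise ValueError("no IEND chunk found")


def _chunk(ctype: bytes, payload: bytes) -> bytes:
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def make_png(width: int, height: int, rgb: bytes) -> bytes:
    """Build a small valid 8-bit RGB PNG of one colour (constructed test input)."""
    rows = b"".join(b"\x00" + rgb * width for _ in range(height))  # filter type 0 per row
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(rows)) + _chunk(b"IEND", b"")


# Constructed demo: a 4x4 "screenshot" and the 2x2 "crop" saved over it.
ORIGINAL = make_png(4, 4, b"\xff\x00\x00")
CROPPED = make_png(2, 2, b"\xff\x00\x00")
# Simulated buggy save: the file holds the cropped image plus the old bytes.
# The check does not care which image comes first; it only looks past IEND.
BUGGY_FILE = CROPPED + ORIGINAL


def is_affected(data: bytes) -> bool:
    """True when the saved file carries data beyond its IEND chunk."""
    return len(leftover_after_iend(data)) > 0


if __name__ == "__main__":
    for name, blob in (("clean crop", CROPPED), ("buggy save", BUGGY_FILE)):
        extra = leftover_after_iend(blob)
        print(f"{name}: {len(blob)} bytes, {len(extra)} bytes after IEND, affected={is_affected(blob)}")
```

To check a real screenshot, read the saved file in binary mode and pass its bytes to `is_affected`; a clean file from a patched Snipping Tool reports zero bytes after IEND.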
Microsoft is aware of the issue and has issued an update. Snipping Tool 11.2302.20.0 fixed the bug. Currently, it is only available to Insiders. After installing this update, you shouldn't be able to reproduce the scenario any longer.
Via @David3141593, bleepingcomputer