A newly revealed issue in Microsoft's image-snipping tools in both Windows 10 and 11 has been discovered by one of the people who first reported on a similar problem in Google's Pixel screenshot tool, Markup. The reverse engineering researcher David Buchanan posted his findings earlier today on his Twitter account:
holy FUCK.
Windows Snipping Tool is vulnerable to Acropalypse too.
An entirely unrelated codebase.
The same exploit script works with minor changes (the pixel format is RGBA not RGB)
Tested myself on Windows 11 https://t.co/5q2vb6jWOn pic.twitter.com/ovJKPr0x5Y
— David Buchanan (@David3141593) March 21, 2023
The post shows that when Buchanan took a screenshot with the Windows 11 Snipping Tool and saved it, then cropped the image and saved it over the same file, the "cropped" data had not actually been removed from the file.
This flaw means that someone could recover data from the cropped-out part of the image in much the same way the cropped Pixel images could be recovered. Buchanan stated, "The same exploit script works with minor changes (the pixel format is RGBA not RGB)." He added in a later post that the same issue is found in Microsoft's Snip & Sketch tool included with Windows 10, but apparently not in the original Windows 10 Snipping Tool.
These exploits could in theory be used by attackers to reveal previously cut-out sensitive information in images, such as passwords, credit card numbers, bank account details, and more. They have all been labeled collectively as "Acropalypse". Google has since patched this issue in its Pixel phones. As of this writing, Microsoft has yet to comment on this issue.
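As an added defensive check, not taken from the article or from Buchanan's script, the PNG chunk walker below flags a file whose bytes continue past the IEND chunk, which is the symptom the article describes. The faulty save is modelled here, as an assumption, as writing the smaller cropped image over the start of the old file without truncating it, and the image contents are constructed.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialise one PNG chunk: 4-byte length, 4-byte type, data, CRC32(type+data)."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def make_png(width: int, height: int) -> bytes:
    """Build a minimal 8-bit RGBA PNG with a deterministic, constructed pixel pattern."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 6, 0, 0, 0)
    stride = 1 + width * 4                      # filter byte + RGBA pixels per scanline
    raw = bytes((i * 37) & 0xFF for i in range(stride * height))
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", zlib.compress(raw)) + chunk(b"IEND", b"")

def trailing_bytes_after_iend(png: bytes) -> int:
    """Walk the chunk list and return how many bytes follow the IEND chunk.
    0 is a clean file; a positive value is the Acropalypse indicator (leftover data
    from an earlier, larger write); -1 means not a PNG or a truncated chunk list."""
    if not png.startswith(PNG_SIG):
        return -1
    pos = len(PNG_SIG)
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        end = pos + 8 + length + 4               # header + data + CRC
        if end > len(png):
            return -1
        if ctype == b"IEND":
            return len(png) - end
        pos = end
    return -1

def overwrite_without_truncate(old_file: bytes, new_file: bytes) -> bytes:
    """Model of the faulty save (assumption): the shorter cropped image is written
    over the start of the existing file, but the file is never truncated."""
    return new_file + old_file[len(new_file):]

ORIGINAL = make_png(16, 16)                      # full screenshot (constructed)
CROPPED = make_png(4, 4)                         # what the user meant to keep
LEAKED = overwrite_without_truncate(ORIGINAL, CROPPED)

if __name__ == "__main__":
    print("original:", trailing_bytes_after_iend(ORIGINAL), "trailing bytes")
    print("leaked  :", trailing_bytes_after_iend(LEAKED), "trailing bytes")
```

Any positive count on a screenshot that should have been cropped is a reason to treat the file as still containing the original image.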