Windows users, your cropped images may not be private

Kerem Gülen
Mar 22, 2023
Updated • Mar 22, 2023

Have you heard about the recent discovery made by researchers regarding the Pixel's cropping tool? They found out that the tool did not fully remove the data that was deleted and that the deleted portions of the image could still be accessed with some effort.

Now, one of the same researchers has reported that the Snipping Tool for Windows 11 and the Snip & Sketch tool in Windows 10 have a similar vulnerability. This means that the information that users thought they had deleted may still be available on the internet, potentially causing privacy concerns.

David Buchanan, a researcher, has revealed via a tweet that the vulnerability in Microsoft's Snipping Tool can be exploited by taking a screenshot, saving it, cropping it, and saving it again to the same file. This process may leave the deleted data accessible within the file. As per Buchanan, one can use a similar code to the one used for accessing Pixel screenshots to retrieve the data, with minor modifications.

It seems that the vulnerability in Microsoft's Snipping Tool is not very widespread. According to Buchanan, the exploit requires a specific sequence of actions involving saving, cropping, and saving again. Therefore, if the initial screenshot only includes a particular part of the screen, the exploit may not work. Although the Snip & Sketch tool in Windows 10 reportedly has the same vulnerability, Buchanan claims that the original Snipping Tool for Windows 10 does not have this issue.

Recently, Buchanan and fellow researcher Simon Aarons had warned about the "acropalypse" vulnerability affecting Pixels, emphasizing that even if this issue gets fixed, the problem does not go away entirely. The images created using the tool might still exist, and the portions that were intended to be cropped out may remain unaltered, leading to privacy concerns.

Following the announcement of the "acropalypse" vulnerability, there has been an increased interest in examining other screenshotting tools. Chris Blume, who chairs the working group for the PNG image format that Snipping Tool uses, drew attention to the issue by tweeting that Snipping Tool may not truncate files accurately when overwriting existing images. Blume's tweet was instrumental in Buchanan's discovery of the vulnerability in Snipping Tool.

Microsoft is investigating the issue

"We are aware of these reports and are investigating. We will take action as needed to help keep customers protected." – Jeff Jones, Sr Director, Microsoft

The recent discovery of vulnerabilities in screenshotting tools such as Microsoft's Snipping Tool has once again highlighted the ongoing challenge of maintaining data security in our increasingly digital world. The fact that these tools did not fully remove deleted data indicates the need for increased scrutiny of technology to ensure user privacy.

The warning about the "acropalypse" vulnerability affecting Pixels is a reminder that even seemingly minor issues can have far-reaching consequences. As we continue to rely more and more on technology, it is imperative that we prioritize data security to safeguard sensitive information and ensure that our digital footprints remain protected.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. basingstoke said on March 23, 2023 at 2:47 pm

    When there is a guide, error, solution that is applicable to many different Windows (7, 8, 10, 11) the authors often wrongly write “for/on Windows 10/11”, but the one time there is a bug specifically with Windows 10/11, they use the generic “Windows” term.

    it’s funny but certain bits of software such a mspaint, snipping tool, notepad, calculator, haven’t needed any updating or improving since at least 2009 – yet MS will change things for the sake of changing them, and cause vulnerabilities. Clowns

  2. Tachy said on March 23, 2023 at 4:33 am

    Could you please be more specific?

    Which “file version”?

    I am still using an older version of snipping tool from 2017 because, privacy.

    Microsoft has often ‘updated’ it against my wishes. I just do the permissions dance and put the old one back.

    1. John G. said on March 23, 2023 at 12:59 pm

      Latest one available at MS Store.

  3. Fred said on March 23, 2023 at 4:10 am

    I wasn’t talking about your comment’s language, which I didn’t even notice. It was the capitalised standalone paragraph in the tweet — within the article itself, and therefore editorial policy of ghacks.

    It’s a tricky matter, but that remark was over the top offensive for me. Different countries and communities, different attitudes.

    1. John G. said on March 23, 2023 at 12:58 pm

      I haven’t seen bad use of language in the article neither. However subjective considerations should be mainly free to be spoken about in these articles so forth. Unless they were against the international woke agenda, of course ;).

    2. Fried_Curly_Chair_Squad said on March 23, 2023 at 11:47 am

      What exactly is “bad language” or “offensive”? Can you point me to it?

  4. Fred said on March 23, 2023 at 12:41 am

    Could we please have no more bad language on this website. It is quite unpleasant and confronting.

    Blasphemy combined with obscenity is about as bad as it gets.

    1. John G. said on March 23, 2023 at 2:05 am

      Are you ok, dude?

  5. John G. said on March 22, 2023 at 10:14 pm

    W11 latest update to the its Snipping Tool has been a complete disaster of desing, the buttons to edit the image has been placed at the bottom of the screen and it collapses behind the ridiculous big taskbar that it’s at the bottom too! Don’t you have any ergonomics psychologyst to say you all that your UI designs are just unuseful crap! Damm it! Thanks for the article by the way.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.