Windows users, your cropped images may not be private
Have you heard about the recent discovery made by researchers regarding the Pixel's cropping tool? They found out that the tool did not fully remove the data that was deleted and that the deleted portions of the image could still be accessed with some effort.
Now, one of the same researchers has reported that the Snipping Tool for Windows 11 and the Snip & Sketch tool in Windows 10 have a similar vulnerability. This means that the information that users thought they had deleted may still be available on the internet, potentially causing privacy concerns.
David Buchanan, a researcher, has revealed via a tweet that the vulnerability in Microsoft's Snipping Tool can be exploited by taking a screenshot, saving it, cropping it, and saving it again to the same file. This process may leave the deleted data accessible within the file. As per Buchanan, one can use a similar code to the one used for accessing Pixel screenshots to retrieve the data, with minor modifications.
Windows Snipping Tool is vulnerable to Acropalypse too.
An entirely unrelated codebase.
The same exploit script works with minor changes (the pixel format is RGBA not RGB)
Tested myself on Windows 11 https://t.co/5q2vb6jWOn pic.twitter.com/ovJKPr0x5Y
— David Buchanan (@David3141593) March 21, 2023
It seems that the vulnerability in Microsoft's Snipping Tool is not very widespread. According to Buchanan, the exploit requires a specific sequence of actions involving saving, cropping, and saving again. Therefore, if the initial screenshot only includes a particular part of the screen, the exploit may not work. Although the Snip & Sketch tool in Windows 10 reportedly has the same vulnerability, Buchanan claims that the original Snipping Tool for Windows 10 does not have this issue.
Recently, Buchanan and fellow researcher Simon Aarons had warned about the "acropalypse" vulnerability affecting Pixels, emphasizing that even if this issue gets fixed, the problem does not go away entirely. The images created using the tool might still exist, and the portions that were intended to be cropped out may remain unaltered, leading to privacy concerns.
Introducing acropalypse: a serious privacy vulnerability in the Google Pixel's inbuilt screenshot editing tool, Markup, enabling partial recovery of the original, unedited image data of a cropped and/or redacted screenshot. Huge thanks to @David3141593 for his help throughout! pic.twitter.com/BXNQomnHbr
— Simon Aarons (@ItsSimonTime) March 17, 2023
Following the announcement of the "acropalypse" vulnerability, there has been an increased interest in examining other screenshotting tools. Chris Blume, who chairs the working group for the PNG image format that Snipping Tool uses, drew attention to the issue by tweeting that Snipping Tool may not truncate files accurately when overwriting existing images. Blume's tweet was instrumental in Buchanan's discovery of the vulnerability in Snipping Tool.
I've got a fun one for you all to look at.
I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk.
Sounds similar :D
— Chris Blume (@ProgramMax) March 21, 2023
Microsoft is investigating the issue
"We are aware of these reports and are investigating. We will take action as needed to help keep customers protected." – Jeff Jones, Sr Director, Microsoft
The recent discovery of vulnerabilities in screenshotting tools such as Microsoft's Snipping Tool has once again highlighted the ongoing challenge of maintaining data security in our increasingly digital world. The fact that these tools did not fully remove deleted data indicates the need for increased scrutiny of technology to ensure user privacy.
The warning about the "acropalypse" vulnerability affecting Pixels is a reminder that even seemingly minor issues can have far-reaching consequences. As we continue to rely more and more on technology, it is imperative that we prioritize data security to safeguard sensitive information and ensure that our digital footprints remain protected.Advertisement