A researcher has discovered that Windows 11 has the same flaw as the Google Pixel: images taken with the Snipping Tool can be “recomposed” even if you’ve modified them.
Two researchers had uncovered a flaw in the Google Pixel screenshot editing tool that allows malicious people to undo changes made to an image and extract sensitive information from it. A cybersecurity expert named Christian Blume has now found that the Windows 11 Snipping Tool is affected by the same issue. He was quick to share his discovery on Twitter.
I have a fun one for you all to watch.
I opened a 198 byte PNG with Microsoft’s Snipping Tool, chose “Save As” to overwrite another PNG file (no editing), and a 4,762 byte file with all the extras after the PNG IEND chunk saved.
Sounds similar 😀
—Chris Blume (@ProgramMax) March 21, 2023
If you’re used to posting edited photos via the Windows 10 or Windows 11 snipping tool, it might be best to wait until Windows is patched. In fact, a malicious Internet user could try to undo the changes you made, even if only partially, and potentially recover sensitive information from the snapshot.
Just like Google’s Pixel, Windows 11 is affected by the “aCropalypse”.
The flaw reportedly stems from the way Windows 11 processes PNG files. If you take a screenshot and change it, for example by cropping it, you would expect the file to be smaller after the operation. It is not. The data that has theoretically been deleted (because it is no longer visible) is in fact still stored in the file. An attacker with the necessary know-how can therefore reconstruct the original image.
Partially reconstructed screenshot after modification in Windows 11 / Credit: Bleeping Computer
According to Mr. Buchanan, who discovered the vulnerability on the Google Pixel 7, the flaw is only exploitable on PNG files, although JPG files are theoretically recoverable as well. Microsoft has of course been informed of the problem and there is no doubt that the company’s engineers are actively working on a solution. In the meantime, Bleeping Computer offers a temporary workaround: “If you open an uncropped PNG file in an image editor like Photoshop and save it to another file, the unused data will end up being deleted, making the file unrecoverable.”
Source: Bleeping Computer