Windows 11 security flaw exposes cropped-out screenshot data
Microsoft is investigating the vulnerability.
It's not just Android phones that are vulnerable to a screenshot security flaw. Developer Chris Blume has discovered that Windows 11's Snipping Tool falls prey to a similar exploit. The utility doesn't completely erase unused PNG image data, making it possible to recover some of the cropped-out picture and potentially obtain sensitive data. As BleepingComputer verified with researcher David Buchanan, you can extract the supposedly hidden info using a slightly modified version of the script used to demonstrate the Android vulnerability.
The issue doesn't affect some PNG files, including optimized images. You can also wipe the unused data by saving the cropped picture as another file in an image editing tool. JPEG files also leave data from the original screenshot, but the exploit isn't known to work with the format at this stage.
Windows Snipping Tool is vulnerable to Acropalypse too.
An entirely unrelated codebase.
The same exploit script works with minor changes (the pixel format is RGBA not RGB)
Tested myself on Windows 11 https://t.co/5q2vb6jWOn pic.twitter.com/ovJKPr0x5Y
— David Buchanan (@David3141593) March 21, 2023
We've asked Microsoft for comment and will let you know if we hear back. In a statement to BleepingComputer, Microsoft says it's "investigating" the security reports and will "take action as needed" to protect users.
Buchanan and programmer Simon Aarons recently found a severe "aCropalypse" flaw in the Markup screenshot feature on Google Pixel phones. While Google has since patched the security hole with its March update (now expanded to Pixel 6 phones), the fix only addresses images created after installing the patch. Provided Microsoft releases a corresponding Windows 11 update, existing images may have the same problem.
The concern, as you might guess, is that an intruder with access to your images might use a script to recover information you intend to hide, such as contacts and business secrets. The culprit could use the info for harassment, blackmail or espionage. While this may not be as much of a headache for locally stored screenshots (you have larger problems if an attacker already has access to your device), it could be very troublesome for unmodified images you save in the cloud.