Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
The Snipping Tool app can compromise sensitive data on your PC
3 min. read
Updated onOctober 4, 2023
updated onOctober 4, 2023
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Key notes
We all know that Microsoft’s operating systems are far from being 100% safe, and the tech giant is trying to fix tens, maybe even hundreds of vulnerabilities each month.
This month, for example, the tech company addressed a number of75 CVEs, some of them being under active exploitation in the wild.
Now, users found another weak spot in Microsoft’s defense and have posted warnings about it all over social media platforms.
Did you think using an innocent app such as Snipping Tool was nothing to worry about? Well, you might want to rethink that, as recent information confirms the exact opposite.
Be careful when using the Windows 10&11 Snipping Tool
Yes, we are talking about a newly revealed issue in Microsoft’s image-snipping tools in both Windows 10 and 11, that has been just discovered.
In fact, this discovery was made by one of the people who first reported on a similar problem in Google’s Pixel screenshot tool Markup.
You should know that the reverse engineering researcher David Buchanan posted his findings earlier today on his Twitter account.
holy FUCK.Windows Snipping Tool is vulnerable to Acropalypse too.An entirely unrelated codebase.The same exploit script works with minor changes (the pixel format is RGBA not RGB)Tested myself on Windows 11https://t.co/5q2vb6jWOnpic.twitter.com/ovJKPr0x5Y
If you didn’t quite get the bigger picture yet, allow us to explain. The post shows that when the user took a screenshot with the Windows 11 Snipping Tool and then saved it, then he could crop the image, save the image to the same file, and show that the cropped data hasn’t been deleted after all.
In more common terms, this vulnerability means that someone could actually bring back the data from the part of the image that was cropped.
And, yes, this can be achieved in mostly the same way the Pixel-based cropped image could be also recovered.
The post’s author also stated that the same exploit script works with minor changes, as the pixel format is RGBA and not RGB.
What is more concerning is what he actually added in a later post, in which he specified that the same issue is found with Microsoft’s Snip & Sketch tool included with Windows 10.
This also applies to the “Snip & Sketch” tool in Windows 10.
What’s important and also interesting at the same time here is that, apparently, this doesn’t happen with the original Windows 10 Snipping Tool.
Please keep in mind that, in theory, these exploits could be used by hackers to reveal previously cut-out sensitive information in images, like passwords, credit card numbers, bank accounts, and more.
Collectively, all these have been dubbed the Acropalypse. Know that Google has since patched this issue in its Pixel phones.
However, we are yet to see a post from Microsoft, acknowledging what happened and saying it is currently working on a solution.
Have you also found evidence of foul play in the Sniping Tool? Share your experience with us in the comments section below.
More about the topics:Windows 11 Software & Apps
Alexandru Poloboc
Tech Journalist
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host.
A certified gadget freak, he always feels the need to surround himself with next-generation electronics.
When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Alexandru Poloboc
Tech Journalist
With a desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter.
