A new security vulnerability could allow hackers to uncover private information previously edited or cropped out of screenshots.
Microsoft recently rolled out an update to address a screenshot editing vulnerability found in Windows 10 and 11. The vulnerability, dubbed “aCropalypse,” was discovered to allow malicious actors to recover edited parts of screenshots. As a result, sensitive information that was previously cropped out or concealed may be at risk of exposure. The flaw was initially identified by Bleeping Computer, prompting Microsoft to push out a new update to fix the issue.
“Microsoft has revealed that a newly discovered issue (CEV-2023-28303) impacts the Snip & Sketch application on Windows 10 and the Snipping Tool on Windows 11. The company has clarified that the problem only affects specific types of images that have gone through particular steps of cropping and saving.
These specific steps include screenshots that were taken > saved > edited > and then overwritten (saving the same image/file over the original one), as well as those that were opened in the Snipping Tool > edited > saved in the exact same location.”
Microsoft also clarified that the problem does not impact screenshots that were modified before being saved, nor does it affect images that were copied and pasted into other applications, such as emails or documents.
Why Should You Worry?
The vulnerability allows hackers to reverse modifications made to specific screenshots. This implies that any private information that was attempted to be concealed by cropping or drawing over it might actually be made public. This might include parts of the picture that have been edited or cropped that were supposed to be concealed.
What Should You Do To Avoid This?
For those concerned about the security vulnerability, Microsoft has announced that updates are available to address the issue. Users can download the latest updates for the affected apps by following a few simple steps. First, head to the Microsoft Store, then click on Library and choose to Get updates. If automatic updates are enabled, the Snipping Tool should be updated to version 10.2008.3001.0, while the Snip & Sketch tool will be updated to version 11.2302.20.0.
Final Word On Microsoft Fixes Screenshot Editing Vulnerability on Windows With New Update
While this news may come as a relief to some users, it is still crucial to remain vigilant and take steps to protect your data from potential cyber threats. It is advised to keep your applications and OS updated to the latest version to avoid such kinds of vulnerabilities.