Severe Privacy Vulnerability ‘Acropalypse’ Affects Windows 11 Snipping Tool
Acropalypse Flaw
Microsoft’s Windows 11 Snipping Tool has been found to contain a severe privacy flaw named ‘acropalypse’. The flaw, which has already been discovered in Google Pixel’s Markup Tool, allows partially edited content to be recovered. Security researchers David Buchanan and Simon Aarons recently found that the original image data is retained even after editing or cropping out. The bug poses a significant privacy risk, as it can allow sensitive information, such as credit card numbers or revealing photos, to be partially recovered.
The researchers created an online screenshot recovery tool, acropalypse, which attempts to recover edited images created on Google Pixel.
See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses
Acropalypse privacy flaw also affects the Windows 11 Snipping Tool.
Today, software engineer Chris Blume confirmed that the acropalypse privacy flaw also affects the Windows 11 Snipping Tool. Overwriting an existing file in the tool leaves unused data behind, making it partially recoverable.
I've got a fun one for you all to look at.
I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk.
Sounds similar 😀
— Chris Blume (@ProgramMax) March 21, 2023
To test this flaw, BleepingComputer opened an existing PNG file in the Windows 11 Snipping Tool, cropped it, and then saved the changes to the original file. Surprisingly, the file sizes for the original image file and the cropped image file were the same, indicating that unused data was not truncated, but left behind.
While the untruncated data may not be visible in an image viewer, it can be used to recreate sensitive portions of the original image. Buchanan shared a Python script with BleepingComputer that can be used to recover Windows files.
Trending: A primer on OS Command Injection Attacks
Recovery of sensitive information
Even though the online acropalypse screenshot recovery app does not currently work with Windows files, Buchanan warned that a potential privacy risk exists. Users may have sensitive information in screenshots that they cropped out, but this information can still be partially recovered by someone with the right tools.
Microsoft acknowledged the reports and stated that they are investigating the issue to protect their customers. However, the researchers noted that not all PNG files, such as optimized PNGs, are affected by this flaw. Additionally, opening an untruncated PNG file in an image editor and saving it to another file can strip off the unused data at the end, making it no longer recoverable.
The Windows 11 Snipping Tool also behaves similarly with JPG files, leaving untruncated data if overwritten. Buchanan warned that his exploit does not currently work on JPGs, but it could be possible.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com
Recent News
New Ghost Tap Attack: The Next-Level Credit Card Scam Exploiting Apple Pay and Google Pay
Apple Rushes to Patch Two Zero-Day Exploits Targeting Intel-Based Macs
Chinese Hackers Exploit Zero-Day in FortiClient VPN with ‘DeepData’ Toolkit
Critical Flaw in Popular WordPress Plugin Puts Millions of Websites at Risk
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
