Windows 11 Snipping Tool can leak vulnerable information you cropped out

What you need to know

  • The Windows 11 Snipping Tool has a vulnerability that can share data and details that have been cropped out of screenshots.
  • Information that has been cropped out of images can be at least partially restored.
  • The vulnerability is similar to what has been discovered with the screenshot tool in Google Pixel phones, which has been called “aCropalypse.”

Windows 11’s Snipping Tool has a vulnerability that can be exploited to expose data that users have cropped out of screenshots. The problem is similar to “aCropalypse,” which is a vulnerability with the screenshot tool on Google Pixel phones. In both instances, a person can at least partially recover data that has been cropped out of images.

The exact workings of the vulnerabilities differ slightly, but the end result is the same. Chris Blume, a retired software engineer, noted the Windows 11 Snipping Tool flaw.

David Buchanan took a closer look at the phenomenon and shared insights on Twitter.

The security implications of this vulnerability are severe. If someone used the Snipping Tool to capture a page that included their address, credit card number, or other personal information, they would likely assume cropping the image would remove that data. Any shared images containing that information could open the doors to identity theft or other issues.

Security expert Will Dormann confirmed the vulnerability and shared the steps to confirm the problem.

BleepingComputer shared a technical breakdown of how the vulnerability can be exploited and to what extent data can be restored through it.

There’s already an aCropalypse screenshot recovery app that can restore information from Pixel phones. While that does not work with images from the Windows 11 Snipping Tool at this time, a similar app could arrive in the future. Buchanan shared a Python script with BleepingComputer that is able to recover files from Windows 11.

Microsoft confirmed to BleepingComputer that it is aware of reports and looking into the issue. “We are aware of these reports and are investigating. We will take action as needed to help keep customers protected,” said a Microsoft spokesperson.
