Microsoft fixes Acropalypse privacy bug in Windows 11 Snipping Tool


Microsoft is testing an updated version of the Windows 11 Snipping Tool that fixes a recently disclosed ‘Acropalypse’ privacy flaw that allows the partial restoration of cropped images.

As first spotted by Windows enthusiast Xeno, Microsoft released Windows 11 Snipping Tool version 11.2302.20.0 yesterday to Windows Insiders in the Canary channel via the Microsoft Store.

With this release, BleepingComputer can confirm that Microsoft has fixed the bug, which left cropped-out image data in the file when changes were saved over the original on Windows 11. However, the bug remains in Windows 10.

The Acropalypse privacy flaw

Last week, a new security vulnerability named ‘Acropalypse’ was disclosed for Google Pixel devices that allows content cropped out of an image to be partially recovered.

This flaw is considered a privacy risk because cropping is a common way to remove sensitive information from a photo. That information can be almost anything: confidential details from a document, location-identifying information, faces in a nude picture, or sensitive URLs in a browser screenshot.

The vulnerability was disclosed by security researchers David Buchanan and Simon Aarons, who reported the bug in Google Pixel’s Markup Tool to Google, which then fixed it as part of the Google Pixel March security updates.

Soon after, it was discovered that the bug also affected the Windows Snipping Tool, allowing cropped screenshots to be partially recovered.

The bug has different root causes in the Windows Snipping Tool and in Google Pixel’s Markup Tool, but the end result is the same: when you crop an image in either editor and overwrite the original file with the changes, the cropped-out data is not removed from the file.

Instead, the cropped image file stays the same size as the original and now contains two IEND chunks: the first is the proper end of the new, cropped image, and the second is the end of the original image’s data, which should have been truncated when the file was saved.

Below is an example of a PNG file affected by the Acropalypse bug, allowing the recovery of cropped data. Notice how the file contains two IEND chunks, while the PNG format specifies that there should be only one, marking the end of the image.

PNG file affected by the Acropalypse flaw
Source: BleepingComputer
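The two-IEND layout described above is easy to check for, and the check is the one a practitioner would run over a folder of screenshots before sharing them. The following is an added example, not code from BleepingComputer or from Microsoft: it builds two small PNGs with the Python standard library (constructed sample input), reproduces the symptom by overwriting a file in place without truncating it (an assumed mechanism used to illustrate the symptom, not Microsoft's actual code), walks the chunk list to find data after the first IEND, and shows the one-line remediation for files that were already saved this way. The `truncate=True` path shows what a correct save leaves behind: a smaller file with a single IEND chunk.

```python
"""Acropalypse check for PNG files: is there data after the first IEND chunk?

Added example (not BleepingComputer's or Microsoft's code). Sample images are
constructed here with the standard library; the in-place overwrite without
truncate() is an assumed mechanism used to reproduce the symptom.
"""
import os
import random
import struct
import tempfile
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def _chunk(ctype: bytes, body: bytes) -> bytes:
    # PNG chunk layout: 4-byte big-endian length, 4-byte type, data, CRC32 over type+data.
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def make_png(width: int, height: int, seed: int) -> bytes:
    """Build an 8-bit RGB PNG filled with seeded noise (incompressible, like a real screenshot)."""
    rng = random.Random(seed)
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    # Every scanline starts with filter type 0 (None), followed by width RGB triples.
    raw = b"".join(
        b"\x00" + bytes(rng.getrandbits(8) for _ in range(3 * width)) for _ in range(height)
    )
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b"")


def overwrite_in_place(path: str, new_bytes: bytes, truncate: bool) -> None:
    """Rewrite an existing file from offset 0.

    truncate=False is the failure mode: the new, smaller PNG is written over the
    start of the file and every old byte past len(new_bytes) survives on disk.
    """
    with open(path, "r+b") as f:
        f.write(new_bytes)
        if truncate:
            f.truncate()


def first_iend_end(data: bytes) -> int:
    """Walk the chunk list and return the offset just past the first IEND chunk.

    Decoders stop at the first IEND, which is why image viewers never display
    the leftover bytes even though they are still in the file.
    """
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # length field + type + data + CRC
        if ctype == b"IEND":
            return pos
    raise ValueError("no IEND chunk found")


def acropalypse_check(data: bytes) -> dict:
    """Report how much data follows the first IEND and whether a second IEND marker sits in it."""
    trailer = data[first_iend_end(data):]
    return {
        "trailing_bytes": len(trailer),
        "extra_iend": trailer.count(b"IEND"),
        "suspicious": len(trailer) > 0,
    }


def scrub(data: bytes) -> bytes:
    """Remediation for an already-affected file: keep only the bytes up to the first IEND."""
    return data[: first_iend_end(data)]


def simulate(truncate: bool) -> dict:
    """Save a 64x64 'screenshot', overwrite it with an 8x8 'crop', and return the check result."""
    original = make_png(64, 64, seed=1)
    cropped = make_png(8, 8, seed=2)
    fd, path = tempfile.mkstemp(suffix=".png")
    os.close(fd)
    try:
        with open(path, "wb") as f:
            f.write(original)
        overwrite_in_place(path, cropped, truncate=truncate)
        with open(path, "rb") as f:
            saved = f.read()
    finally:
        os.unlink(path)
    result = acropalypse_check(saved)
    result["file_size"] = len(saved)
    result["original_size"] = len(original)
    result["cropped_size"] = len(cropped)
    result["scrubbed_ok"] = scrub(saved) == cropped
    return result


if __name__ == "__main__":
    for mode in (False, True):
        print("truncate=%s -> %s" % (mode, simulate(truncate=mode)))
```

The check only flags the symptom (bytes after the first IEND); actually reconstructing the cropped-out pixels from the trailer is harder, because the trailer starts in the middle of the original image's compressed IDAT stream, which is the part of the attack the researchers' tooling handles. For triage and cleanup, the trailing-byte count and a second `IEND` marker are enough, and `scrub()` is safe to apply to affected files because it keeps exactly the bytes a conforming decoder reads.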

In the new Windows 11 Snipping Tool version 11.2302.20.0, when cropping an image and overwriting the original file, the software now correctly truncates the unused data, leaving only one IEND chunk in the file.

Cropped and original pictures now having different sizes
Source: BleepingComputer

This effectively fixes the issue in the Windows 11 Snipping Tool, and the fix should make it into the production release over the next few weeks.

However, the issue also affects the Windows 10 Snipping Tool (Snip & Sketch), and no update that resolves the bug is available for it, even to Insiders.

BleepingComputer has contacted Microsoft about whether the Windows 10 app will also be fixed and will update this post if we receive a response.
