First Pixels, now the Windows snipping tool has a major privacy flaw

Edgar Cervantes / Android Authority

TL;DR

  • It turns out that the Windows Snipping Tool is vulnerable to a screenshot editing flaw as well.
  • This flaw means hackers can effectively uncrop your cropped screenshot in some cases.
  • The news comes after it was revealed that partial screenshots on Pixel phones could be uncropped.

Google’s Pixel phones are in the spotlight due to a so-called Acropalypse flaw. This flaw meant that hackers were able to unredact and uncrop screenshots edited via the Markup tool. Now it turns out that Google isn’t alone in having this flaw on its devices.

Software engineer Chris Blume reported on Twitter that the Windows 11 Snipping Tool is also vulnerable to a similar flaw, allowing hackers to retrieve image data that was cropped out of a screenshot.

Windows 11 Snipping Tool flaw Chris Blume Twitter

More specifically, this flaw pops up when people save a screenshot, use the Snipping Tool to crop it, and then save the resulting PNG file by overwriting the original PNG file (e.g. using the same name as the original file). However, saving the cropped file under a new name doesn’t result in the full screenshot being accessible.

Much like the original Acropalypse flaw for Pixel phones, this Windows vulnerability means sensitive info (e.g. financial info, private images, chat messages) could still be accessible in an image if you thought you cropped it out.

It’s reported that this flaw also applies to Windows 10’s Snip and Sketch Tool but not to the original snipping tool. Either way, you might want to make sure you save cropped screenshots with a new name for now if you’re using the affected tools. Otherwise, you can always hit Windows+Shift+S to create a cropped screenshot from the get-go. But we hope Microsoft quickly patches this vulnerability nonetheless.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.