Windows 11 Snipping Vulnerability Found!

Windows 11 Snipping Vulnerability Found

Google’s A recent discovery involving Pixel phones has raised concerns about the safety of sharing edited screenshots. “aCropalypseThis issue, known as ”, occurs via screenshots without prompting sensitive information, even after the user edits or blurs the information.

As it turns out, Google isn’t the only brand facing this issue – Microsoft’s Windows 11 Snipping Tool has been found to have a similar vulnerability, putting users’ private information at risk when taking screenshots.

aCropalypse vulnerability is one of the threat actors allowing it to undo edits made to the screenshot revealing sensitive information that the user intended to crop or blur.

When editing a screenshot, users often save the edited image with the same name as the original file and unintentionally overwrite it. With this, Windows 11 Snipping Tool, it doesn’t delete the original information from the file, it just appends it to the end and makes it invisible to the average user. offensive, a little With its technical know-how, it can retrieve the confidential information in the file and access the edited content.

A Serious Vulnerability!

Twitter user Chris Blume reported the vulnerability in the Windows 11 Snipping Tool, prompting further investigation. Initially Pixel on phones aCropalypse David Buchanan, who exposed the vulnerability, has since Windows 11 Snipping ToolConfirmed that works similarly despite using a different color model.

Edited screenshots file size can also give clues about the vulnerabilitybecause these images are usually larger due to the inclusion of information from the original image.

This vulnerability poses a serious threat as users frequently crop or blur sensitive information before sharing images. For example, a user can post a screenshot of an order confirmation page from Amazon, removing their address before shipping. However, this vulnerability could allow an attacker to obtain clipped information such as addresses, credit card numbers and other sensitive data.

With the vulnerability now publicly known, a fix is ​​expected to be released soon. However, existing edited screenshots will continue to be affected, so users should reevaluate any images that may contain sensitive information. Attackers are likely looking for potential victims, so it’s very important to be vigilant and protect personal data.

cpk-1-tech