Bug Makes Windows 11 Snipping Tool Images Recoverable After Editing
If you share screenshots, anything cropped or edited with the Windows 11 Snipping Tool can put your privacy at risk.
Windows' built-in screenshot editing tool turns out to be affected by "aCropalypse" as well. This is a security flaw recently discovered in the Markup image editing tool on Google Pixel phones that allows partial restoration of the original image from a cropped or edited version.
The original vulnerability was discovered by security researchers Simon Aarons and David Buchanan and reported to Google in January 2023. Google released a fix for the Pixel 4A, 5A, 7 and 7 Pro in the March 2023 security patch.
However, the vulnerability had existed for five years before it was discovered, so cropped or edited images shared within the last five years may be compromised, depending on the platform they were shared on.
According to the researchers' FAQ page (not available at the time of this writing), as relayed by 9to5Google, the vulnerability existed because Markup saved the edited image to the same location as the original file without truncating the original first. If the edited file is smaller than the original, the trailing part of the original remains in storage, and that part can be recovered by reverse engineering the file. Buchanan's blog explains the vulnerability and the exploit in full technical detail, and the researchers also created a demo tool to restore photos affected on Pixel devices.
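As an added illustration (not code from the article or from the researchers), the following Python models the file-handling bug described above together with the check a defender can run on a saved screenshot: both Markup and the Snipping Tool write PNG files, whose chunk list ends with an IEND chunk, so any bytes after IEND are stale data left over from a previously longer file. It writes a larger constructed PNG, rewrites a smaller one over it with and without truncation, and counts the leftover bytes; the names `save_in_place`, `trailing_bytes_after_iend` and `make_png` are assumptions of this example, not functions from either tool.

```python
import struct
import tempfile
import zlib
from pathlib import Path

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def _chunk(ctype: bytes, data: bytes) -> bytes:
    # PNG chunk layout: 4-byte length, 4-byte type, data, CRC32 over type+data.
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def make_png(width: int, height: int) -> bytes:
    # Minimal 8-bit RGB PNG with a constructed noise fill (sample data, not a real screenshot).
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    rows = [b"\x00" + bytes((x * 31 + y * 17) & 0xFF for x in range(width * 3))
            for y in range(height)]  # filter byte 0 followed by RGB triples
    idat = zlib.compress(b"".join(rows))
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")

def trailing_bytes_after_iend(data: bytes) -> int:
    # Walk the chunk list and report how many bytes follow IEND. A cleanly written
    # PNG returns 0; leftover data from a longer file overwritten in place shows up here.
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # 8-byte header + data + 4-byte CRC
        if ctype == b"IEND":
            return len(data) - pos
    raise ValueError("no IEND chunk found")

def save_in_place(path: Path, data: bytes, truncate: bool) -> None:
    # truncate=False models the bug: the file is opened for update and rewritten from
    # offset 0, so bytes beyond the new length survive. truncate=True is the fix.
    with open(path, "r+b") as f:
        f.write(data)
        if truncate:
            f.truncate()

def demo() -> dict:
    original, cropped = make_png(64, 64), make_png(8, 8)
    results = {"expected_leftover": len(original) - len(cropped)}
    with tempfile.TemporaryDirectory() as tmp:
        path = Path(tmp) / "screenshot.png"
        for label, truncate in (("buggy", False), ("fixed", True)):
            path.write_bytes(original)               # full screenshot saved first ...
            save_in_place(path, cropped, truncate)   # ... cropped version written over it
            results[label] = trailing_bytes_after_iend(path.read_bytes())
    return results
```

The same `trailing_bytes_after_iend` check can be run over any PNG you are about to share: a non-zero result means the file still carries bytes from an earlier, larger version.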
It turns out that the Windows 11 Snipping Tool and Snip & Sketch for Windows 10 (but not the Windows 10 Snipping Tool) have the same vulnerability, even though, as Buchanan points out, they are part of a completely unrelated codebase. Buchanan tested a modified version of the exploit on Windows 11 and was able to recover most of the original image.
Needless to say, this is not great. People usually crop or edit images to protect information, identity, and so on. Also, some platforms, such as Twitter, strip the trailing data from images on upload, while others, such as Discord, did not (until its January 17, 2023 update).
Aarons demonstrated the original flaw with a cropped image of a blacked-out credit card uploaded to Discord. Using the exploit on the downloaded image, the researchers were able to recover approximately 80% of the original image, including the "redacted" digits.
Buchanan says that Snipping Tool version 11.2302.20.0, which is not yet available to regular users but can be installed manually, appears to fix the problem. But at this point, I'm not sure I can trust built-in screenshot editing tools (not since I learned that Apple's Markup tool has an undo feature).