Xorte logo

News Markets Groups

USA | Europe | Asia | World| Stocks | Commodities



Add a new RSS channel

 
 


Keywords

2023-03-22 14:15:19| Engadget

It's not just Android phones that are vulnerable to a screenshot security flaw. Developer Chris Blume has discovered that Windows 11's Snipping Tool falls prey to a similar exploit. The utility doesn't completely erase unused PNG image data, making it possible to recover some of the cropped-out picture and potentially obtain sensitive data. As BleepingComputerverified with researcher David Buchanan, you can extract the supposedly hidden info using a slightly modified version of the script used to demonstrate the Android vulnerability.The issue doesn't affect some PNG files, including optimized images. You can also wipe the unused data by saving the cropped picture as another file in an image editing tool. JPEG files also leave data from the original screenshot, but the exploit isn't known to work with the format at this stage.holy FUCK.Windows Snipping Tool is vulnerable to Acropalypse too.An entirely unrelated codebase.The same exploit script works with minor changes (the pixel format is RGBA not RGB)Tested myself on Windows 11 https://t.co/5q2vb6jWOnpic.twitter.com/ovJKPr0x5Y David Buchanan (@David3141593) March 21, 2023We've asked Microsoft for comment and will let you know if we hear back. In a statement to BleepingComputer, Microsoft says it's "investigating" the security reports and will "take action as needed" to protect users.Buchanan and programmer Simon Aarons recently found a severe "aCropalypse" flaw in the Markup screenshot feature on Google Pixel phones. While Google has since patched the security hole with its March update (now expanded to Pixel 6 phones), the fix only addresses images created after installing the patch. Provided Microsoft releases a corresponding Windows 11 update, existing images may have the same problem.The concern, as you might guess, is that an intruder with access to your images might use a script to recover information you intend to hide, such as contacts and business secrets. The culprit could use the info for harassment, blackmail or espionage. While this may not be as much of a headache for locally stored screenshots (you have larger problems if an attacker already has access to your device), it could be very troublesome for unmodified images you save in the cloud.This article originally appeared on Engadget at https://www.engadget.com/windows-11-security-flaw-exposes-cropped-out-screenshot-data-131519887.html?src=rss


Category: Marketing and Advertising

 

Latest from this category

29.03Snapchats latest paid perk is an AI Bitmoji of your pet
28.03An OLED iPad Pro and the first big-screen iPad Air will reportedly arrive in May
28.03A $3 app shoots better spatial videos than the iPhones native camera
28.03You can now use your phone to get started with Amazons palm-reading tech
28.03Vizio just announced a $999 86-inch 4K TV
28.03Sam Bankman-Fried just got sentenced to 25 years in prison
28.03Google reverses course and brings its Gemini AI to the regular Pixel 8
28.03Take-Two is buying Gearbox from Embracer for $460 million
Marketing and Advertising »

All news

29.03Snapchats latest paid perk is an AI Bitmoji of your pet
29.03UK: Indicative Update On Impact Of Reform On FTSE Indices - Herbert Smith Freehills
29.03UK: Non-Financial Reporting Update On Call For Evidence - Herbert Smith Freehills
29.03British Virgin Islands: How To Preserve Confidential Information In BVI Claims - Harneys
29.03United States: DOL Issues 2024 Annual Adjustments For Federal Civil Penalties - Hall Benefits Law
28.03Malta: THREE LEGS GOOD TWO LEGS BETTER? BEREC Disagrees With The European Commission On The Maltese Broadband Market - GVZH Advocates
28.03Malta: The CJEU Rules On The Liability For The Payment Of VAT Arising From Fraudulently Issued Invoices - Ganado Advocates
28.03Ghana: Deep Sea Mining - Koranteng & Koranteng Legal Advisors
More »
Privacy policy . Copyright . Contact form .