“The worst instance was when I posted a cropped screenshot of an eBay order confirmation email, showing the product I’d just bought,” Buchanan writes in a blog post. This could be anything from a credit number or a person’s face in the original photo. The significant privacy concern with the “acropalypse” bug is that hackers might be able to exploit the flaw to recover sensitive information from the images edited on Microsoft’s Snipping Tool and Google Pixel’s Markup. Instead, the bug leaves the unused image data behind, allowing it to be partially recovered by potential hackers. I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk.īleeping Computer reports that after a photo has been opened and edited or cropped in the Windows 11 Snipping Tool, the software does not truncate the unused data. I've got a fun one for you all to look at. A day later, on March 21, software engineer Chris Blume discovered that this photo cropping bug also affects Microsoft’s Snipping Tool on Windows 11.
0 Comments
Leave a Reply. |