Microsoft fixes screenshot vulnerability on Windows


Microsoft has pushed an update to fix a screenshot editing vulnerability in Windows 10 and 11, as previously noted by BleepingComputer. Dubbed “aCropalypse,” the vulnerability could allow attackers to restore edited portions of screenshots, potentially revealing personal information that was cropped out or hidden.

According to Microsoft, the issue (CVE-2023-28303) affects both the Snip & Sketch app on Windows 10 and the Snipping Tool on Windows 11. However, it only affects images created through a very specific sequence of steps: screenshots that were taken, saved, edited, and then saved over the original file, as well as images opened in the Snipping Tool, edited, and then saved to the same location. It does not affect screenshots that are modified before being saved, nor screenshots copied and pasted into, for example, the body of an email or document.
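The reason the "saved over the original file" path matters is that the underlying aCropalypse bug leaves the original file's bytes in place after the new image's IEND chunk, because the smaller edited image is written over the larger file without truncating it. The following is an added example, not code from the article, Microsoft or the researchers: a defender-side check that parses a PNG's chunk list and reports how many bytes follow IEND, so at-risk files can be found before they are shared. The sample images and the in-place overwrite are constructed here to simulate the failure mode.

```python
import random
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

def _chunk(ctype: bytes, body: bytes) -> bytes:
    """Encode one PNG chunk: 4-byte length, type, payload, CRC32 over type+payload."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def make_rgb_png(width: int, height: int, pixels: bytes) -> bytes:
    """Build a minimal 8-bit RGB PNG (no interlace) from width*height*3 pixel bytes."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    # Each scanline is a filter byte (0 = None) followed by its RGB triplets.
    rows = [pixels[y * width * 3:(y + 1) * width * 3] for y in range(height)]
    raw = b"".join(b"\x00" + row for row in rows)
    return (PNG_SIGNATURE + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b""))

def trailing_bytes_after_iend(data: bytes) -> int:
    """Walk the chunk list and return how many bytes follow the IEND chunk.
    A well-formed PNG ends right after IEND, so any surplus is data the writer
    never truncated, which is what saving a smaller image over a larger file leaves."""
    if not data.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIGNATURE)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 8 + length + 4  # header + payload + CRC
        if ctype == b"IEND":
            return len(data) - pos
    raise ValueError("no IEND chunk found (truncated or corrupt PNG)")

def overwrite_without_truncate(existing: bytes, new: bytes) -> bytes:
    """Model writing `new` over `existing` through a handle opened without
    truncation: bytes of the old file beyond len(new) survive on disk (simulation)."""
    return new + existing[len(new):]

def _random_pixels(n: int, seed: int) -> bytes:
    """Constructed, incompressible sample pixels so the two file sizes clearly differ."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))

if __name__ == "__main__":
    original = make_rgb_png(64, 64, _random_pixels(64 * 64 * 3, 1))  # uncropped
    cropped = make_rgb_png(4, 4, _random_pixels(4 * 4 * 3, 2))        # edited, smaller
    saved = overwrite_without_truncate(original, cropped)
    print("clean file, bytes after IEND:", trailing_bytes_after_iend(cropped))
    print("overwritten file, bytes after IEND:", trailing_bytes_after_iend(saved))
```

A non-zero result does not prove the surplus is image data, but any PNG with bytes after IEND deserves to be re-exported cleanly before it is posted.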

Microsoft first learned of the issue earlier this week, when Chris Blume, the chair of the working group on the PNG image format, brought it to the attention of David Buchanan and Simon Aarons, the same security researchers who discovered the aCropalypse vulnerability that affected the Google Pixel’s Markup tool. That flaw similarly allows attackers to undo edits made to screenshots, making it possible to reveal personal information that someone thought they had hidden, either by cropping it out or scribbling over it.

You can download the latest updates for the affected apps on Windows by opening the Microsoft Store, clicking Library, and then choosing Get updates. If you have automatic updates enabled, you should see the Snipping Tool at version 10.2008.3001.0 and the Snip & Sketch tool at version 11.2302.20.0. Like the patch released by Google, Microsoft’s fix won’t repair edited screenshots that were already posted online, potentially leaving thousands of screenshots on the web for attackers to exploit.