1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • The Windows 11 cropping tool shares a Google Pixel security flaw

    From TechnologyDaily@1337:1/100 to All on Wed Mar 22 10:15:04 2023
    The Windows 11 cropping tool shares a Google Pixel security flaw

    Date:
    Wed, 22 Mar 2023 10:07:08 +0000

    Description:
    Edited screenshots are being recovered on Windows 11, putting sensitive data and identities at risk.

    FULL STORY ======================================================================

    Fresh off the back of Google Pixels Markup tool being found to have retained image data even when edited out , software engineer Chris Bloom has found a similar bug in the Windows 11 Snipping Tool.

    Dubbed acropalypse, the phenomenon works when an existing file is overwritten with edits, such as crops. Rather than omitting the cropped data, the image file retains it, potentially allowing it to be recovered and used in an identity theft attack.

    Per BleepingComputer , the researchers who discovered the original Google Pixel flaw, David Buchanan and Simon Aarons , have launched a tool demonstrating that this is possible, although we should probably stress that you should only use it for testing purposes. Acropalypse on Windows 11

    The Windows rendition of the bug, which also applies to Windows 10s Snip and Sketch tool, has been corroborated by vulnerability expert Will Dormann and BleepingComputer in testing, but its also easily verifiable by anyone.

    In Snipping Tool, once youve take a screenshot, cropped it, and saved it as a copy of the original, compare the file sizes. With any (bad) luck, theyre the same. Read more

    Several zero day vulnerabilities are plaguing Android devices with Samsung
    chips, warns Google


    Identity theft: keeping fraudsters at bay


    Weve also listed the best screen recorders right now

    And, as you can notice by opening one in a text editor , PNG files generally require that all files end with an IEND data chunk, but Snipping Tool fails
    to both remove the data, and presents it after the chunk.

    That Google Pixel and Windows are both susceptible to a highly similar bug with the potential to do quite a bit of harm should be concerning given that, as Buchanan noted in a profane tweet on Tuesday, the Markup and Snipping
    tools are two entirely unrelated codebases. Heres our list of the best photo editing PCs right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/the-windows-11-cropping-tool-shares-a-google-pi xel-security-flaw


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)