It should be noted that this vulnerability does not affect all PNG files, including optimized PNGs. Even if you are unable to restore the original image completely, someone can recover private information that you do not want to be made public. The original image can be partially recreated using the untruncated data, albeit this could expose private areas of the image.Īlthough Buchanan shared a Python script with BleepingComputer that can be used to recover Windows files, the researcher’s online acropalypse screenshot recovery software does not yet support Windows files.Ĭonsider cropping off portions of an image or sensitive data when you screenshot a private document, a nude photo, or a sensitive spreadsheet. The Windows 11 Snipping Tool did not properly truncate the unused data, and it is still present after the IEND data block after replacing the original image with the cropped version.Īnything following the initial IEND is disregarded, so when you open the file in an image viewer, all you see is the cropped image.
Image editors and viewers discard any further data inserted after this point. The original image file’s file sizes (office-screenshot-original.png) and cropped image file (office-screenshot.png), as can be seen below, are the same, even though the cropped image now has far fewer data than the original.Īccording to the PNG format specification, a PNG image file must always finish with an ‘IEND’ data chunk. The photos below show both the uncropped originals and the results. We used the Windows 11 Snipping Tool to open an existing PNG image, crop it (you can also edit or mark it up), and then save the modifications to the original file to test this. Vulnerability specialist Will Dormann also validated the Windows 11 Snipping Tool problem with Dormann’s assistance.
When a file is opened with the Windows 11 Snipping Tool, and an existing one is overwritten, the unused data is left behind rather than truncated, allowing for partial recovery. Tested myself on Windows 11 /ovJKPr0x5Y- David Buchanan MaSnipping Tool For Windows 11 & 10 Was Also AffectedĬhris Blume, a software expert, has confirmed that the Windows 11 Snipping Tool is likewise vulnerable to the “acropalypse” privacy bug. The same exploit script works with minor changes (the pixel format is RGBA not RGB) Windows Snipping Tool is vulnerable to Acropalypse too.
0 kommentar(er)
