Someone Might Be Able to Un-Crop Your Windows Screenshots


Cropping an image on Windows 11 is easy. Just grab the Snipping Tool and go to town. But what if we told you a malicious actor can recover data from that cropped image? It’s a real thing happening to Google Pixel users, and apparently, Windows 11 PCs as well.

There have been reports of a new vulnerability called “Acropalypse,” which is affecting owners of Google Pixel smartphones cropping images using Markup. Someone can recover previously-cropped parts of images, exposing compromising information such as credit card numbers. New reports indicate the problem also affects Windows 11. By making minor changes to the exploit script used on Pixel phones, you can recover data from some images cropped using Snipping Tool on Windows 11 and Snip & Sketch on Windows 10. The original Snipping Tool on Windows 10, which was largely unchanged from Windows 8 7, does not appear to be affected.

Demo of Acropalypse in Windows (image: Will Dormann, Twitter)

You can test this pretty easily, too. Just open an image with Snipping Tool, crop a small part of it, and save it. Even though it’s much smaller, you’ll see that the image somehow has the same file size. This means that the image is vulnerable — the bits you can recover from it can be a garbled mess, but you can make out some stuff from it. If you’re cropping out sensitive information from a screenshot this way, there’s a non-zero chance someone can recover it.

We’ve reached out to Microsoft for comment and will update this post if we hear back. For now, this appears to be an unpatched vulnerability, so you should be careful with what screenshots you’re cropping, and how you’re doing it.

Source: David Buchanan (Twitter), Will Dormann (Twitter)

