Snipping Tool on Windows 10 and 11 can store data that users have deleted?

The Snipping Tool screen capture tool is one of the most commonly used applications on Windows. However, a newly discovered serious problem can completely turn a large part of Windows users away from Snipping Tool.

Accordingly, the famous reverse engineering researcher David Buchanan has just posted 'shocking' Snipping Tools findings on his personal Twitter account, related to the fact that Microsoft's screen capture tool seems to be able to automatically stores data (screenshots) users think they've deleted without their knowledge.

The post revealed that Buchanan tried to take a screenshot with the Snipping Tool on Windows 11 and save it. But then he can still crop as well as save the image to the same file and the system shows that the "cropped" data is not deleted afterwards.

Snipping Tool on Windows 10 and 11 can store data that users have deleted? Picture 1Snipping Tool on Windows 10 and 11 can store data that users have deleted? Picture 1

 

In a word, this vulnerability means that someone can get data back from a part of an image that has been cropped, almost in the same way that Pixel-based cropped images are restored. "The same mining script works with small changes (pixel format is RGBA, not RGB)," says Buchanan. The same problem occurs with the Snip & Sketch tool introduced by Microsoft with Windows 10, but doesn't seem to be encountered with Windows 10's native snipping tool.

In general, in theory, this vulnerability can be used by hackers to reveal sensitive information that has been previously removed in the image, such as passwords, credit card numbers, account numbers. banks, etc. All of them are collectively referred to as "Acropalypse". Google had previously encountered the same issue on its Pixel phones and successfully patched it. Microsoft has yet to officially comment on David Buchanan's findings.

4 ★ | 2 Vote