Last week, a new vulnerability dubbed Acropalypse was disclosed in the Windows Snipping Tool. When a cropped screenshot is saved over the original file, the tool writes the smaller image from the start of the file without truncating it, so the tail of the original image data is left in place after the new image's end marker instead of being removed.
Yesterday, Microsoft released an emergency security update for Windows 10 and Windows 11 devices to fix this Acropalypse vulnerability in Snipping Tool. You can find the fix details here.
The severity of this vulnerability is rated Low because successful exploitation requires uncommon user interaction and several factors outside of an attacker's control. For an image to be affected, the user must have created it under one of the following specific conditions:
- The user took a screenshot, saved it to a file, modified the file (for example, cropped it), and then saved the modified file to the same location.
- The user opened an existing image in Snipping Tool, modified it (for example, cropped it), and then saved the modified file to the same location.
Scenarios such as copying the image from Snipping Tool, or modifying it before it is first saved to a file, are not affected, because the flaw only occurs when an existing file is overwritten.
For example, if you take a screenshot of your bank statement, save it to your desktop, and crop out your account number before saving it to the same location, the cropped image could still contain your account number in the leftover data at the end of the file, where it could be recovered by anyone who has access to the complete image file.
The classic Snipping Tool in Windows 10 and older versions is not affected by this vulnerability. Only Snip & Sketch on Windows 10 and the new Snipping Tool on Windows 11 are affected.
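To make the "hidden format" concrete, the following added example (not Microsoft's code or part of the original post) reproduces the flaw on a constructed PNG and shows the check a practitioner can run on a suspect file. It builds a 64x64 image of deterministic noise, saves it, then overwrites it in place with an 8x8 crop the way an application would if it opened the file without truncation. The detection logic walks the PNG chunk list to find the IEND chunk and reports any bytes after it; a file whose trailing bytes end with a second IEND chunk is the signature of an earlier, larger image having been overwritten. All file names, pixel data and helper names here are assumptions made for the demo.

```python
import hashlib
import os
import struct
import tempfile
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
IEND_CHUNK = b"\x00\x00\x00\x00IEND\xaeB`\x82"  # zero-length IEND chunk with its fixed CRC


def _chunk(ctype, data):
    body = ctype + data
    return struct.pack(">I", len(data)) + body + struct.pack(">I", zlib.crc32(body) & 0xFFFFFFFF)


def make_png(width, height, rgb_pixels):
    """Encode raw 8-bit RGB pixels (width*height*3 bytes) as a minimal valid PNG (one IDAT, filter 0)."""
    assert len(rgb_pixels) == width * height * 3
    row_len = width * 3
    raw = b"".join(b"\x00" + rgb_pixels[r * row_len:(r + 1) * row_len] for r in range(height))
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)  # 8-bit depth, colour type 2 (RGB)
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b"")


def noise_pixels(width, height, seed=b"acropalypse-demo"):
    """Deterministic, incompressible pixel data (constructed sample input) so the image stays large."""
    out = bytearray()
    counter = 0
    while len(out) < width * height * 3:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:width * height * 3])


def crop_pixels(rgb_pixels, width, x, y, w, h):
    """Extract the w*h sub-rectangle at (x, y) from a width-wide RGB buffer (the 'crop' step)."""
    return b"".join(rgb_pixels[(r * width + x) * 3:(r * width + x + w) * 3] for r in range(y, y + h))


def png_end_offset(data):
    """Walk the chunk list; return the offset just past the IEND chunk, or None if malformed."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 8 + length + 4  # length field + type + payload + CRC
        if ctype == b"IEND":
            return pos if pos <= len(data) else None
    return None


def trailing_bytes(data):
    """Bytes after IEND. A clean file has none; an Acropalypse-style file still holds the old image's tail."""
    end = png_end_offset(data)
    return None if end is None else data[end:]


def looks_acropalypsed(data):
    """Flag a PNG whose trailing data ends with another IEND chunk: the leftover tail of an earlier image."""
    tail = trailing_bytes(data)
    return bool(tail) and tail.endswith(IEND_CHUNK)


def save_without_truncate(path, new_bytes):
    """The flawed save: open read/write without truncation and write the new image from offset 0."""
    with open(path, "r+b") as f:
        f.write(new_bytes)


def save_with_truncate(path, new_bytes):
    """The fixed save: truncate on open so nothing of the previous file survives."""
    with open(path, "wb") as f:
        f.write(new_bytes)


def overwrite_demo(save_fn):
    """Save a 64x64 image, overwrite it in place with an 8x8 crop via save_fn, and inspect the result."""
    pixels = noise_pixels(64, 64)
    original = make_png(64, 64, pixels)
    cropped = make_png(8, 8, crop_pixels(pixels, 64, 0, 0, 8, 8))
    fd, path = tempfile.mkstemp(suffix=".png")  # hypothetical temp file standing in for the screenshot
    os.close(fd)
    try:
        with open(path, "wb") as f:
            f.write(original)
        save_fn(path, cropped)
        with open(path, "rb") as f:
            data = f.read()
    finally:
        os.remove(path)
    return {
        "original_size": len(original),
        "cropped_size": len(cropped),
        "file_size": len(data),
        "trailing": len(trailing_bytes(data)),
        "flagged": looks_acropalypsed(data),
    }


if __name__ == "__main__":
    print("flawed save:", overwrite_demo(save_without_truncate))
    print("fixed save: ", overwrite_demo(save_with_truncate))
```

With the flawed save the file keeps the original's full length, everything past the cropped image's IEND is the old image's compressed data and final IEND, and `looks_acropalypsed` fires; with the truncating save the file shrinks to the cropped image and nothing trails. Pointing `trailing_bytes` at a real screenshot file is the quick way to tell whether it was saved by an affected build; a non-empty result means the file should be re-saved from a clean source before it is shared.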
Update your apps to the following versions, which contain the fix for this vulnerability:
- For Snip & Sketch installed on Windows 10, app versions 10.2008.3001.0 and later contain this update.
- For Snipping Tool installed on Windows 11, app versions 11.2302.20.0 and later contain this update.