Affiliate links on Android Authority may earn us a commission. Learn more.
Now the Windows snipping tool has a major privacy flaw (Updated: Fixed)
- It turns out that the Windows Snipping Tool is vulnerable to a screenshot editing flaw as well.
- This flaw means hackers can effectively uncrop your cropped screenshot in some cases.
- The flaw has since been patched by Microsoft.
Update: March 27, 2023 (1:48 AM ET): Microsoft has released an emergency security update for a flaw that allowed hackers to essentially uncrop your cropped screenshot. According to Bleeping Computer, the update fixes the flaw on both Windows 10 and Windows 11.
The flaw — which you can read about below — meant that people could access potentially sensitive image data that you thought was cropped out of an edited screenshot. Nevertheless, we’re glad to see Microsoft patched this issue.
Original article: March 22, 2023 (2:37 AM ET): Google’s Pixel phones are in the spotlight due to a so-called Acropalypse flaw. This flaw meant that hackers were able to unredact and uncrop screenshots edited via the Markup tool. Now it turns out that Google isn’t alone in having this flaw on its devices.
More specifically, this flaw pops up when people save a screenshot, use the Snipping Tool to crop it, and then save the resulting PNG file by overwriting the original PNG file (e.g. using the same name as the original file). However, saving the cropped file under a new name doesn’t result in the full screenshot being accessible.
Much like the original Acropalypse flaw for Pixel phones, this Windows vulnerability means sensitive info (e.g. financial info, private images, chat messages) could still be accessible in an image if you thought you cropped it out.
It’s reported that this flaw also applies to Windows 10’s Snip and Sketch Tool but not to the original snipping tool. Either way, you might want to make sure you save cropped screenshots with a new name for now if you’re using the affected tools. Otherwise, you can always hit Windows+Shift+S to create a cropped screenshot from the get-go. But we hope Microsoft quickly patches this vulnerability nonetheless.