A new issue has been discovered in the snipping tool image of Microsoft in Windows 10 and 11. Researcher David Buchanan published his findings on his Twitter account,
The post shows that Buchanan took a snapshot screenς με το Microsoft Windows 11 Snipping Tool and saved it. It then cropped the image, and saved it to the same file to show that the “cropped” data was not deleted.
Dubbed “aCropalypse,” this security flaw means someone could recover data from the cropped part of the image. Buchanan stated, “The same exploit script works with minor changes (even if the pixel format is in RGBA rather than RGB).” In a later post he added that the same problem is found with Microsoft's Snip & Sketch tool included with Windows 10, but not with the original Windows 10 snipping tool.
These exploits could theoretically be used by hackers to reveal sensitive information that had been clipped into images, such as codepasswords, credit card numbers, bank accounts and more. So far, Microsoft has not mentioned anything about this problem yet.
