Acropalypse screenshot bug poses a privacy risk on Android and Windows

Alfonso Maruccia

Posts: 399   +176
What just happened? Users editing images on Google Pixel phones or Windows PCs have to be very careful about the tools they use. A new bug has been discovered in both Google's and Microsoft's operating systems, where previously cropped images could be recovered through a "universal" script that works on both systems.

There's a new security bug in town, and it could spell trouble for users' privacy on both Android and Windows platforms. The flaw was first discovered by security researcher Simon Aarons in Google's Markup screenshot editing tool available on Pixel smartphones, where it was dubbed "Acropalypse." By exploiting the bug, a script could recover the part of the image left out after editing.

As verified by security researcher David Buchanan, the bug is affecting the latest editions of Windows too. The flaw works on image files saved in the PNG format, which dictates that the image content ends with an "IEND" data chunk; any data added after the IEND part will be ignored by image viewers or editing tools.

Buchanan discovered that when a screenshot is cropped through the Windows 11 Snipping Tool and then saved over the original image file, a new IEND data chunk is added to the PNG image, but a part of the original screenshot is still present after the IEND data section.

With just a few "minor changes," Buchanan says, the same Acropalypse script that can recover a cropped-out image on Android is capable of doing the same on Windows as well. We're talking about just a partial restoration of the original image here, but the bug could be a potential threat to privacy or security if that original image included sensible (or even secret) data.

The Acropalypse flaw affects Google Markup on Android, the Snipping Tool on Windows 11 and the Snip and Sketch tool on Windows 10. The exploit has been proven effective in recovering partially erased data in "non optimized" PNG images, Buchanan said, even though the aforementioned Snipping Tool seems to leave extra data at the end of edited (cropped) JPEG images as well.

Google has already patched the flaw on its Pixel phones, while Microsoft is still investigating the issue. To minimize the risk, Windows users can use third-party applications for their editing and cropping tasks where the extra data after the IEND chunk is seemingly erased for good.

Permalink to story.



Posts: 960   +1,473
This is an embarrassment to both companies. Now I have to go back through all my old screenshots and probably delete a bunch…