What just happened? Users editing images on Google Pixel phones or Windows PCs have to be very careful about the tools they use. A new bug has been discovered in both Google's and Microsoft's operating systems, where previously cropped images could be recovered through a "universal" script that works on both systems.
There's a new security bug in town, and it could spell trouble for users' privacy on both Android and Windows platforms. The flaw was first discovered by security researcher Simon Aarons in Google's Markup screenshot editing tool available on Pixel smartphones, where it was dubbed "Acropalypse." By exploiting the bug, a script could recover the part of the image left out after editing.
As verified by security researcher David Buchanan, the bug is affecting the latest editions of Windows too. The flaw works on image files saved in the PNG format, which dictates that the image content ends with an "IEND" data chunk; any data added after the IEND part will be ignored by image viewers or editing tools.
Buchanan discovered that when a screenshot is cropped through the Windows 11 Snipping Tool and then saved over the original image file, a new IEND data chunk is added to the PNG image, but a part of the original screenshot is still present after the IEND data section.
holy FUCK.
--- David Buchanan (@David3141593) March 21, 2023
Windows Snipping Tool is vulnerable to Acropalypse too.
An entirely unrelated codebase.
The same exploit script works with minor changes (the pixel format is RGBA not RGB)
Tested myself on Windows 11 https://t.co/5q2vb6jWOn pic.twitter.com/ovJKPr0x5Y
With just a few "minor changes," Buchanan says, the same Acropalypse script that can recover a cropped-out image on Android is capable of doing the same on Windows as well. We're talking about just a partial restoration of the original image here, but the bug could be a potential threat to privacy or security if that original image included sensible (or even secret) data.
The Acropalypse flaw affects Google Markup on Android, the Snipping Tool on Windows 11 and the Snip and Sketch tool on Windows 10. The exploit has been proven effective in recovering partially erased data in "non optimized" PNG images, Buchanan said, even though the aforementioned Snipping Tool seems to leave extra data at the end of edited (cropped) JPEG images as well.
Google has already patched the flaw on its Pixel phones, while Microsoft is still investigating the issue. To minimize the risk, Windows users can use third-party applications for their editing and cropping tasks where the extra data after the IEND chunk is seemingly erased for good.